Re: NetworkManager Plugin for Wireguard

On Wed, 2017-04-05 at 11:26 +0200, Maximilian Moser wrote:
Good Day,

My name is Maximilian Moser and I am a CS (software engineering)
student at the Vienna University of Technology.
For my Bachelor's Thesis, I was asked to write a plugin for
NetworkManager to support the VPN client wireguard (https://www.wireg

As is usually the case, getting started might just be the hardest
part; at least I found that the internet is not exactly bursting with
introductions on how to write nm plugins.

Therefore, I'd like to ask if you could give me any hints at how to
get this project on its feet :)

Thanks in advance and
Best regards,

Hi Max,

It seems quite a large project for a Bachelor Thesis to me. But we
would very much like to get such a plugin, so great if you can pull
this off!! :)

The VPN plugins implement a rather simple D-Bus API, so in principle
that can be done in a multitude of ways. However, the way all plugins
came into existence is by copying an existing plugin and adjust it.
That means in all existing cases: C + glib (+ gtk for the GUI

The ones that I think are most up-to-date regarding current best
practices are (IMO)

openvpn is rather large, very likely wireguard would be much simpler,
so basing your initial version on NetworkManager-openvpn means you
probably will delete a lot of code. Still, I think openvpn is the most
idiomatic one, so that one might be a good start.

Note that plasma-nm re-implements the client part of the VPN plugins:
Recently the client-libraries got split in a core-part (libnm-vpn- and a GTK part ( 
IMO nowadays, it would be preferred if QT would not re-implement the
core part -- to do import/export -- but only add the GUI part on top of
it). Also because, one day the core part hopefully get additional

When building a VPN plugin, you can install it also in a private path
like --prefix=/opt/nm-plugin. I do that usually, because I don't want
to mess up my system with files outside the packagement system.
That works, but you need to tell NetworkManager that the plugin exists.
Basically, copy a file like "" to

If you just want the client-side integration (for nmcli, nm-connection-
editor, gnome-shell), you can also instead set the environment

  $ NM_VPN_PLUGIN_DIR=/opt/nm-plugin/lib/NetworkManager/VPN/ nm-connection-editor

(when doing that, also `./configure --enable-absolute-paths`).

Also note that all plugins currently come with two flavors of the
client library: one for and one for The latter one is deprecated and exists for supporting older
versions of nm-connection-editor. Probably you don't have to care about
that and can just strip it out. Grep for NM_VPN_OLD... but then you
see, that it isn't too invasive either, so maybe it's not too hard to
support that too.

See also

Meet us on IRC (#nm on freenode).


Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]