Set up a bunch of OpenVPN connections using nmcli with username and password

vpn-setup.sh

#!/usr/bin/env bash

USERNAME="$1"
PASS="$2"

for f in  *.ovpn 
do    
        name=`basename -s .ovpn $f`;
        nmcli connection import type openvpn file $f
        nmcli connection modify "${name}" +vpn.data connection-type=password-tls
        nmcli connection modify "${name}" +vpn.data username="${USERNAME}"
        nmcli connection modify "${name}" +vpn.secrets password="${PASS}"
done

You're welcome :)
I don't mind adding this, but it's weird, because it worked for me without modifying the connection type.
Any idea what could have caused it? Was the connection type specified in the ovpn file, did it work by accident, or work incorrectly for me? (the good old famous even number of mistakes)

I didn't sorta investigate much, but I doubt any kind of type was specified in the config.
At least on fedora 36, I added OpenVPN configs using this script and the Auth type was set to Certificate(TLS), event though username and password are actually saved alongside it, if that's the case, you can just change the Auth Type to Password With Certificate(TLS) in GUI, it would work and username and password would automatically show up.
This line which I added would do this to each imported config.

Thanks for the clarification, I'll add it

Thank you for your script, which solved the problem I had all night, bypassing the damn GUI and making the system remember my VPN password.

This script saved me. Had 50 vpn connections. Like any programmer, they want to automate everything. I wanted to make a script but im very bad at Bash. Then I found this. Can sleep tonight

This script could be simplified and improved a bit. One could also add a thrird argument to provide a path where the processed OVPN files should be located. I usually also append the following configuration to nmcli c mod:

• ipv6.method disabled (I have no IPv6 in my local and remote networks);
• ipv4.never-default yes (I usually want to connect to specific servers only via the VPN; some VPN servers require it to be set to no though).

#!/usr/bin/env bash

USERNAME="$1"
PASS="$2"

for f in  *.ovpn; do
  nmcli c i type openvpn file "$f"
  nmcli c mod "$(basename -s .ovpn "$f")" \
    +vpn.data "connection-type=password-tls, username=$USERNAME" \
    vpn.secrets "password=$PASS"
done

Changes:

• I removed unnecessary ; at a command;
• I replaced deprecated backticks with $();
• I removed curly brackets from ${name}, ${USERNAME} and ${PASS}, as the curly brackets are unnecessary;
• I added quotes around f variable in order to make that filenames that contain spaces and special characters don’t cause any issues;
• I have merged nmcli connection modify commands;
• I have removed name variable, as it would be used only once;
• I have removed + before vpn.secrets, as AFAIk there is only one secret (password);
• I have shortened nmcli connection import to nmcli c i;
• I have shortened nmcli connection modify to nmcli c mod;
• I have moved do to the previous line (this change is not necessary, it is only a style preference).