Most importantly, do you know how to make it autoconnect? I set connection.autoconnect to yes but that doesn’t seem to cause it to autoconnect on boot. When I bring it up manually with nmcli connection up it works fine. I had to set connection.secondaries to be the uuid of the vpn connection.
Less importantly, why is sudo restorecon -R /root needed? What is changing that needs its context restored? Nevermind, it is probably for the certs that are stored under /root.
I used wicked before, I’m not familiar with nmcli. I occasionally use nmtui. So far, that was clear to me: Isn’t a 100% match to your question.
I don’t understand why you marked it as solution?