feat(ovpntunnel): show all cert expirations

src/components/standalone/openvpn_tunnel/TunnelInfoModal.vue

@@ -6,9 +6,7 @@
 import { NeModal } from '@nethesis/vue-components'
 import { useI18n } from 'vue-i18n'
 import type { ServerTunnel, ClientTunnel } from './TunnelManager.vue'
-import { watch, ref, computed } from 'vue'
-import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome'
-import { getCertificateStatus } from './TunnelTable.vue'
+import { watch, ref } from 'vue'
 
 const { t, locale } = useI18n()
 
@@ -32,15 +30,6 @@ const emit = defineEmits(['close'])
 function isClientTunnel(item: ServerTunnel | ClientTunnel): item is ClientTunnel {
   return 'remote_host' in item
 }
-
-const certificateStatus = computed(() => {
-  if (!_itemToShow.value?.cert_expiry_ts) return { show: false }
-  return getCertificateStatus(
-    _itemToShow.value.cert_expiry_ts,
-    isClientTunnel(_itemToShow.value),
-    true
-  )
-})
 </script>
 
 <template>
@@ -224,33 +213,31 @@ const certificateStatus = computed(() => {
         </p>
       </template>
 
-      <!-- cert_expiry_ts -->
-      <p class="text-sm font-semibold">
-        {{
-          isClientTunnel(_itemToShow!)
-            ? t('standalone.openvpn_tunnel.client_cert_expiry')
-            : t('standalone.openvpn_tunnel.cert_expiry')
-        }}
-      </p>
-      <div class="flex flex-col gap-2">
+      <!-- certificates -->
+      <template v-if="!isClientTunnel(_itemToShow!) && _itemToShow.certificates.server">
+        <p class="text-sm font-semibold">
+          {{ t('standalone.openvpn_tunnel.server_cert_expiration') }}
+        </p>
+        <p class="text-sm text-gray-600 dark:text-gray-400">
+          {{ new Date(_itemToShow.certificates.server * 1000).toLocaleString(locale) }}
+        </p>
+      </template>
+      <template v-if="_itemToShow.certificates.client">
+        <p class="text-sm font-semibold">
+          {{ t('standalone.openvpn_tunnel.client_cert_expiration') }}
+        </p>
         <p class="text-sm text-gray-600 dark:text-gray-400">
-          {{
-            _itemToShow.cert_expiry_ts
-              ? new Date(_itemToShow.cert_expiry_ts * 1000).toLocaleString(locale)
-              : ''
-          }}
+          {{ new Date(_itemToShow.certificates.client * 1000).toLocaleString(locale) }}
         </p>
-        <span v-if="certificateStatus.show" class="flex items-center gap-2">
-          <FontAwesomeIcon
-            :icon="certificateStatus.icon"
-            :class="['h-4 w-4', certificateStatus.colorClass]"
-            aria-hidden="true"
-          />
-          <p class="text-sm text-gray-600 dark:text-gray-400">
-            {{ t(certificateStatus.messageKey!, certificateStatus.messageParams!) }}
-          </p>
-        </span>
-      </div>
+      </template>
+      <template v-if="_itemToShow.certificates.CA">
+        <p class="text-sm font-semibold">
+          {{ t('standalone.openvpn_tunnel.ca_cert_expiration') }}
+        </p>
+        <p class="text-sm text-gray-600 dark:text-gray-400">
+          {{ new Date(_itemToShow.certificates.CA * 1000).toLocaleString(locale) }}
+        </p>
+      </template>
     </div>
   </NeModal>
 </template>

src/components/standalone/openvpn_tunnel/TunnelManager.vue

@@ -27,7 +27,11 @@ import { getProductName } from '@/lib/config'
 
 export type ServerTunnel = {
   /* always available */
-  cert_expiry_ts: number
+  certificates: {
+    server: number
+    client: number
+    CA: number
+  }
   connected: boolean
   enabled: boolean
   id: string
@@ -47,7 +51,10 @@ export type ServerTunnel = {
 
 export type ClientTunnel = {
   /* always available */
-  cert_expiry_ts: number
+  certificates: {
+    client: number
+    CA: number
+  }
   connected: boolean
   enabled: boolean
   id: string

src/components/standalone/openvpn_tunnel/TunnelTable.vue

@@ -29,11 +29,19 @@ export function isCertificatesExpired(expiryTimestamp: number): boolean {
 }
 
 export function getCertificateStatus(
-  expiryTimestamp: number,
+  certificates: { [key: string]: number },
   isClientTunnel: boolean = false,
   tunnelDetailModal: boolean = false
 ): CertificateStatusResult {
-  if (isCertificatesExpired(expiryTimestamp)) {
+  // Determine which certificate to check (client for client tunnels, server for server tunnels)
+  const certToCheck = isClientTunnel ? certificates.client : certificates.server
+
+  // If the certificate is not available, return no status to show
+  if (!certToCheck) {
+    return { show: false }
+  }
+
+  if (isCertificatesExpired(certToCheck)) {
     return {
       show: true,
       icon: faCircleExclamation,
@@ -48,7 +56,7 @@ export function getCertificateStatus(
     }
   }
 
-  if (shouldShowCertExpiryBadge(expiryTimestamp)) {
+  if (shouldShowCertExpiryBadge(certToCheck)) {
     return {
       show: true,
       icon: faTriangleExclamation,
@@ -61,7 +69,7 @@ export function getCertificateStatus(
           ? 'standalone.openvpn_tunnel.client_cert_expiring_message'
           : 'standalone.openvpn_tunnel.cert_expiring_message',
       messageParams: {
-        days: getDaysUntilExpiry(expiryTimestamp)
+        days: getDaysUntilExpiry(certToCheck)
       }
     }
   }
@@ -220,17 +228,17 @@ function checkIsClientTunnel(item: ServerTunnel | ClientTunnel): item is ClientT
             <p :class="[...getCellClasses(item)]">{{ item.ns_name }}</p>
             <NeTooltip
               v-if="
-                item.cert_expiry_ts &&
-                getCertificateStatus(item.cert_expiry_ts, checkIsClientTunnel(item)).show
+                item.certificates &&
+                getCertificateStatus(item.certificates, checkIsClientTunnel(item)).show
               "
               interactive
             >
               <template #trigger>
                 <FontAwesomeIcon
-                  :icon="getCertificateStatus(item.cert_expiry_ts, checkIsClientTunnel(item)).icon"
+                  :icon="getCertificateStatus(item.certificates, checkIsClientTunnel(item)).icon"
                   :class="[
                     'h-4 w-4',
-                    getCertificateStatus(item.cert_expiry_ts, checkIsClientTunnel(item)).colorClass
+                    getCertificateStatus(item.certificates, checkIsClientTunnel(item)).colorClass
                   ]"
                   aria-hidden="true"
                 />
@@ -239,8 +247,7 @@ function checkIsClientTunnel(item: ServerTunnel | ClientTunnel): item is ClientT
                 <p class="text-center">
                   {{
                     t(
-                      getCertificateStatus(item.cert_expiry_ts, checkIsClientTunnel(item))
-                        .messageKey!
+                      getCertificateStatus(item.certificates, checkIsClientTunnel(item)).messageKey!
                     )
                   }}
                 </p>

src/i18n/en.json

@@ -2086,8 +2086,8 @@
       "regenerate_cert_button": "Regenerate",
       "tunnel_name_max_length": "Maximum 10 characters allowed",
       "tunnel_details": "Tunnel details",
-      "cert_expiring_message": "Certificates expiring soon",
-      "client_cert_expiring_message": "Certificate expiring soon",
+      "cert_expiring_message": "Server certificate will expire soon",
+      "client_cert_expiring_message": "Client certificate will expire soon",
       "cert_expiring_complete_message": "The certificates will expire in {days} days",
       "client_cert_expiring_complete_message": "The client certificate will expire in {days} days",
       "cert_expired_message": "Certificates are expired",
@@ -2096,8 +2096,9 @@
       "client_cert_expired_complete_message": "The client certificate is expired",
       "bytes_received": "Bytes received",
       "bytes_sent": "Bytes sent",
-      "client_cert_expiry": "Client certificate expire",
-      "cert_expiry": "Certificates expire",
+      "server_cert_expiration": "Server certificate expiration",
+      "client_cert_expiration": "Client certificate expiration",
+      "ca_cert_expiration": "CA certificate expiration",
       "tunnel_id": "Tunnel ID",
       "real_address": "Real address",
       "since": "Connection start",

src/i18n/it.json

@@ -1477,8 +1477,8 @@
       "regenerate_cert_button": "Rigenera",
       "tunnel_name_max_length": "Massimo 10 caratteri",
       "tunnel_details": "Dettagli tunnel",
-      "cert_expiring_message": "Certificati in scadenza",
-      "client_cert_expiring_message": "Certificato in scadenza",
+      "cert_expiring_message": "Il certificato del server scadrà presto",
+      "client_cert_expiring_message": "Il certificato del client scadrà presto",
       "cert_expiring_complete_message": "I certificati scadranno tra {days} giorni",
       "client_cert_expiring_complete_message": "Il certificato del client scadrà tra {days} giorni",
       "cert_expired_message": "Certificati scaduti",
@@ -1487,8 +1487,9 @@
       "client_cert_expired_complete_message": "Il certificato del client è scaduto",
       "bytes_received": "Bytes ricevuti",
       "bytes_sent": "Bytes inviati",
-      "client_cert_expiry": "Scadenza certificato client",
-      "cert_expiry": "Scadenza certificati",
+      "server_cert_expiration": "Scadenza certificato server",
+      "client_cert_expiration": "Scadenza certificato client",
+      "ca_cert_expiration": "Scadenza certificato CA",
       "tunnel_id": "ID Tunnel",
       "real_address": "Indirizzo reale",
       "since": "Inizio connessione",