From e745991b9d20fe11bf17873de7087f015c4bea1b Mon Sep 17 00:00:00 2001
From: Daniel Barlow <dan@telent.net>
Date: Fri, 30 Aug 2024 20:49:27 +0100
Subject: [PATCH] restart pppoe/l2tp in secrets changes

---
 modules/ppp/l2tp.nix  | 28 ++++++++++++++++------------
 modules/ppp/pppoe.nix | 35 ++++++++++++++++++++---------------
 2 files changed, 36 insertions(+), 27 deletions(-)

diff --git a/modules/ppp/l2tp.nix b/modules/ppp/l2tp.nix
index 6f50851..10308d1 100644
--- a/modules/ppp/l2tp.nix
+++ b/modules/ppp/l2tp.nix
@@ -1,6 +1,7 @@
 {
   liminix
 , lib
+, svc
 , output-template
 , writeAshScript
 , writeText
@@ -78,16 +79,19 @@ let
     max redials = 2 # this gives 1 actual retry, as xl2tpd can't count
   '';
   control = "/run/${name}/control";
-in
-longrun {
-  inherit name;
-  run = ''
-    mkdir -p /run/${name}
-    chmod 0700 /run/${name}
-    touch ${control}
-    in_outputs ${name}
-    echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
-    exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} 
-  '';
-  notification-fd = 10;
+  service = longrun {
+    inherit name;
+    run = ''
+      mkdir -p /run/${name}
+      chmod 0700 /run/${name}
+      touch ${control}
+      in_outputs ${name}
+      echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
+      exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} 
+    '';
+    notification-fd = 10;
+  };
+in svc.secrets.subscriber.build {
+  watch = [ username password ];
+  inherit service;
 }
diff --git a/modules/ppp/pppoe.nix b/modules/ppp/pppoe.nix
index a152918..7a575cc 100644
--- a/modules/ppp/pppoe.nix
+++ b/modules/ppp/pppoe.nix
@@ -1,5 +1,6 @@
 {
   liminix
+, svc
 , lib
 , output-template
 , ppp
@@ -66,19 +67,23 @@ let
         "logfd" "2"
        ];
   timeoutOpt = if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else "";
-in
-longrun {
-  inherit name;
-  run = ''
-    mkdir -p /run/${name}
-    chmod 0700 /run/${name}
-    in_outputs ${name}
-    echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
-    exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt}  -I $(output ${interface} ifname)" file /run/${name}/ppp-options
-  '';
-  notification-fd = 10;
-  timeout-up = if lcpEcho.failure != null
-               then (10 + lcpEcho.failure * lcpEcho.interval) * 1000
-               else 60 * 1000;
-  dependencies = [ interface ];
+  service = longrun {
+    inherit name;
+    run = ''
+      mkdir -p /run/${name}
+      chmod 0700 /run/${name}
+      in_outputs ${name}
+      echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
+      exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt}  -I $(output ${interface} ifname)" file /run/${name}/ppp-options
+    '';
+    notification-fd = 10;
+    timeout-up = if lcpEcho.failure != null
+                 then (10 + lcpEcho.failure * lcpEcho.interval) * 1000
+                 else 60 * 1000;
+    dependencies = [ interface ];
+  };
+in svc.secrets.subscriber.build {
+  watch = [ username password ];
+  inherit service;
+  action = "restart-all";
 }