From 48a0ea0513146b8696fa9ef2fd65752336bf1a7c Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Thu, 1 Nov 2012 23:32:12 +0100
Subject: [PATCH] =?UTF-8?q?Make=20Apache=20wait=20for=20=E2=80=98charon=20?=
 =?UTF-8?q?send-keys=E2=80=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(This is a no-op on non-Charon deployments since the ‘keys.target’
unit won't have any dependencies.)
---
 .../web-servers/apache-httpd/default.nix         | 16 ++++++----------
 modules/system/boot/systemd.nix                  |  5 +++++
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix
index ab55e43405ba..8e4a516ea134 100644
--- a/modules/services/web-servers/apache-httpd/default.nix
+++ b/modules/services/web-servers/apache-httpd/default.nix
@@ -580,11 +580,12 @@ in
         date.timezone = "${config.time.timeZone}"
       '';
 
-    jobs.httpd =
+    boot.systemd.services.httpd =
       { description = "Apache HTTPD";
 
         wantedBy = [ "multi-user.target" ];
-        after = [ "network.target" "fs.target" "postgresql.service" ];
+        requires = [ "keys.target" ];
+        after = [ "network.target" "fs.target" "postgresql.service" "keys.target" ];
 
         path =
           [ httpd pkgs.coreutils pkgs.gnugrep ]
@@ -596,9 +597,7 @@ in
 
         environment =
           { PHPRC = if enablePHP then phpIni else "";
-
             TZ = config.time.timeZone;
-
           } // (listToAttrs (concatMap (svc: svc.globalEnvVars) allSubservices));
 
         preStart =
@@ -628,12 +627,9 @@ in
             done
           '';
 
-        exec = "httpd -f ${httpdConf} -DNO_DETACH";
-
-        preStop =
-          ''
-            ${httpd}/bin/httpd -f ${httpdConf} -k graceful-stop
-          '';
+        serviceConfig.ExecStart = "@${httpd}/bin/httpd httpd -f ${httpdConf} -DNO_DETACH";
+        serviceConfig.ExecStop = "${httpd}/bin/httpd -f ${httpdConf} -k graceful-stop";
+        serviceConfig.Restart = "always";
       };
 
   };
diff --git a/modules/system/boot/systemd.nix b/modules/system/boot/systemd.nix
index 2413509790d3..6992299cc88c 100644
--- a/modules/system/boot/systemd.nix
+++ b/modules/system/boot/systemd.nix
@@ -442,6 +442,11 @@ in
         }
       ];
 
+    # Target for ‘charon send-keys’ to hook into.
+    boot.systemd.targets.keys =
+      { description = "Security Keys";
+      };
+
     boot.systemd.units =
       { "rescue.service".text = rescueService; }
       // mapAttrs' (n: v: nameValuePair "${n}.target" (targetToUnit n v)) cfg.targets