From 60c732a6a1cbbe8b6112f3517140f03481c97956 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Wed, 27 Nov 2019 14:04:37 +0100
Subject: [PATCH] onion-chef: set RemainAfterExit, fix tor dependency

This better fits the semantics of this unit and allows for easier
automated testing whether the service is active.

wantedBy = bindsTo = after = tor.service is the simplest way to ensure
that this unit is always running/restarted in lockstep with tor.
Previously, onion-chef would have stayed inactive in the case
that tor was stopped and then later restarted.
---
 modules/onion-chef.nix | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/modules/onion-chef.nix b/modules/onion-chef.nix
index 0ec05c0..df9c36f 100644
--- a/modules/onion-chef.nix
+++ b/modules/onion-chef.nix
@@ -70,14 +70,13 @@ in {
   config = mkIf cfg.enable {
     systemd.services.onion-chef = {
       description = "Run onion-chef";
-      wantedBy = [ "multi-user.target" ];
-      requires = [ "tor.service" ];
-      partOf = [ "tor.service" ];
+      wantedBy = [ "tor.service" ];
+      bindsTo = [ "tor.service" ];
       after = [ "tor.service" ];
       serviceConfig = {
         ExecStart = "${pkgs.bash}/bin/bash ${onion-chef-script}";
-        User = "root";
         Type = "oneshot";
+        RemainAfterExit = true;
       } // nix-bitcoin-services.defaultHardening;
     };
   };