ctucx.git: nixfiles

machines/briefkasten/solar-nrw/vpn: always restart, max runtime 1h, notify on crash

diff --git a/machines/briefkasten/solar-nrw/solax2mqtt.nix b/machines/briefkasten/solar-nrw/solax2mqtt.nix
@@ -40,7 +40,7 @@ in {
 
       RuntimeDirectory = "solax2mqtt";
 
-      RuntimeMaxSec = "1d";
+#      RuntimeMaxSec = "1h";
       Restart       = "always";
       RestartSec    = "5";
 

diff --git a/machines/briefkasten/solar-nrw/vpn.nix b/machines/briefkasten/solar-nrw/vpn.nix
@@ -6,6 +6,12 @@
     wegberg-vpn-secrets.file = ./. + "/../../../secrets/${config.networking.hostName}/solar-nrw/vpn-secrets.age";
   };
 
+  systemd.services.strongswan.serviceConfig = {
+    Restart       = "always";
+    RuntimeMaxSec = "1h";
+    onFailure     = [ "email-notify@%i.service" ];
+  };
+
   services.strongswan = {
     enable = true;