From 55c05c18c73873772bb02877114d581c4edbc593 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Fri, 10 Mar 2017 15:35:24 +0100
Subject: [PATCH] l 2 hfos: restart iptables after libvirtd restart

---
 lass/2configs/hfos.nix | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix
index a28a6a5d2..f63e5ea53 100644
--- a/lass/2configs/hfos.nix
+++ b/lass/2configs/hfos.nix
@@ -36,5 +36,12 @@ with import <stockholm/lib>;
     { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
   ];
 
-  systemd.services.krebs-iptables.after = [ "libvirtd.service" ];
+  # TODO use bridge interfaces instead of this crap
+  systemd.services.libvirtd.serviceConfig.ExecStartPost = let
+    restart-iptables = pkgs.writeDash "restart-iptables" ''
+      #soo hacky
+      ${pkgs.coreutils}/bin/sleep 1s
+      ${pkgs.systemd}/bin/systemctl restart krebs-iptables.service
+    '';
+  in restart-iptables;
 }