Use nixops implementation of key services

src/nix/hive/modules.nix

@@ -78,19 +78,30 @@ with builtins; {
       systemd.services = lib.mapAttrs' (name: val: {
         name = "${name}-key";
         value = {
-          bindsTo = [ "${name}-key.path" ];
+          enable = true;
           serviceConfig = {
-            Restart = "on-failure";
+            TimeoutStartSec = "infinity";
+            Restart = "always";
+            RestartSec = "100ms";
           };
           path = [ pkgs.inotify-tools ];
-          script = ''
+          preStart = ''
-            if [[ ! -e "${val.path}" ]]; then
+            (while read f; do if [ "$f" = "${val.name}" ]; then break; fi; done \
-              >&2 echo "${val.path} does not exist"
+              < <(inotifywait -qm --format '%f' -e create,move ${val.destDir}) ) &
+            if [[ -e "${val.path}" ]]; then
+              echo 'flapped down'
+              kill %1
               exit 0
             fi
-
+            wait %1
-            inotifywait -qq -e delete_self "${val.path}"
+          '';
-            >&2 echo "${val.path} disappeared"
+          script = ''
+            inotifywait -qq -e delete_self "${val.path}" &
+            if [[ ! -e "${val.path}" ]]; then
+              echo 'flapped up'
+              exit 0
+            fi
+            wait %1
           '';
         };
       }) config.deployment.keys;