From 9a076cd812fe75cf7fc044b29a488511cdf1a4b9 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Mon, 4 Nov 2019 14:13:22 -0500
Subject: [PATCH] comment both these sections

reordering/reformatting just to make commenting easier
---
 nixos/modules/issuer.nix | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix
index d2d6b9f2..95b49bd7 100644
--- a/nixos/modules/issuer.nix
+++ b/nixos/modules/issuer.nix
@@ -82,13 +82,19 @@ in {
       enable = true;
       description = "ZKAP Issuer";
       wantedBy = [ "multi-user.target" ];
+
+      # Make sure we have a certificate the first time, if we are running over
+      # TLS and require a certificate.
+      requires = lib.optional cfg.tls "cert-${cfg.domain}";
+
       after = [
         # Make sure there is a network so we can bind to all of the
         # interfaces.
         "network.target"
-      ];
-      # Make sure we at least have a certificate.
-      requires = lib.optional cfg.tls "cert-${cfg.domain}";
+      ] ++
+        # Make sure we run after the certificate is issued, if we are running
+        # over TLS and require a certificate.
+        lib.optional cfg.tls "cert-${cfg.domain}";
 
       serviceConfig = {
         ExecStart =
-- 
GitLab