vars: add restartUnits option

For secrets not part of the nix store there is no other way in NixOS to
restart a service after the secret is updated. One example is changing
password in userborn, which doesn't run as a activation script but as a
systemd service.

clanModules/root-password/roles/default.nix

@@ -1,6 +1,7 @@
 {
   pkgs,
   config,
+  lib,
   ...
 }:
 {
@@ -12,6 +13,7 @@
     files.password-hash = {
       neededFor = "users";
     };
+    files.password-hash.restartUnits = lib.optional (config.services.userborn.enable) "userborn.service";
     files.password = {
       deploy = false;
     };

clanModules/user-password/roles/default.nix

@@ -31,6 +31,7 @@ in
 
     clan.core.vars.generators.user-password = {
       files.user-password-hash.neededFor = "users";
+      files.user-password-hash.restartUnits = lib.optional (config.services.userborn.enable) "userborn.service";
 
       prompts.user-password.type = "hidden";
       prompts.user-password.persist = true;