IPsec: Try to restart always-on tunnels immediately

When a tunnel that is in always-on configuration closes
unexpectedly, we can instruct strongSwan to restart it
immediately which is precisely what we do now.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/core/119/filelists/files

@@ -5,4 +5,5 @@ etc/rc.d/init.d/unbound
 srv/web/ipfire/cgi-bin/index.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/proxy.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
 var/ipfire/langs

config/rootfiles/core/119/update.sh

@@ -73,8 +73,14 @@ rm -vf \
 
 # Start services
 
-# This update need a reboot...
-#touch /var/run/need_reboot
+# Regenerate IPsec configuration
+sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi
+if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+	/etc/init.d/ipsec restart
+fi
+
+# This update needs a reboot...
+touch /var/run/need_reboot
 
 # Finish
 /etc/init.d/fireinfo start