Extract fail2ban restart orchestration into jail_service

backend/app/routers/config_misc.py

@@ -33,7 +33,6 @@ from app.services import (
     jail_service,
     log_service,
 )
-from app.utils.config_file_utils import start_daemon, wait_for_fail2ban
 
 log: structlog.stdlib.BoundLogger = structlog.get_logger()
 
@@ -187,9 +186,11 @@ async def restart_fail2ban(
     """
     start_cmd_parts: list[str] = start_cmd.split()
 
-    # Step 1: stop the daemon via socket.
     try:
-        await jail_service.restart(socket_path)
+        restarted = await jail_service.restart_daemon(
+            socket_path,
+            start_cmd_parts,
+        )
     except JailOperationError as exc:
         raise HTTPException(
             status_code=status.HTTP_409_CONFLICT,
@@ -198,16 +199,7 @@ async def restart_fail2ban(
     except Fail2BanConnectionError as exc:
         raise _bad_gateway(exc) from exc
 
-    # Step 2: start the daemon via subprocess.
-    await start_daemon(start_cmd_parts)
-
-    # Step 3: probe the socket until fail2ban is responsive or the budget
-    # expires.
-    fail2ban_running: bool = await wait_for_fail2ban(
-        socket_path,
-        max_wait_seconds=10.0,
-    )
-    if not fail2ban_running:
+    if not restarted:
         raise HTTPException(
             status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
             detail=(