Improve robustness of systemd service configuration

This is as good as we can get until
hashicorp/vault#5079 is merged.

Notified restarts will still NOT cause a Chef run failure, although any
subsequest (re)starts WILL.

libraries/helpers.rb

@@ -101,6 +101,7 @@ def default_vault_unit_content
             'StartLimitBurst' => 3,
           },
           'Service' => {
+            'Type' => 'exec',
             'User' => user,
             'Group' => group,
             'ProtectSystem' => 'full',

resources/service.rb

@@ -58,6 +58,8 @@
   def do_service_action(resource_action)
     with_run_context(:root) do
       edit_resource(:service, new_resource.service_name.delete_suffix('.service')) do
+        supports status: true, restart: true, reload: true
+
         action :nothing
         delayed_action resource_action
       end