Update to 2022-02-22 23:00

roles/lemonldap_ng/templates/llng-uwsgi.service.j2

@@ -0,0 +1,44 @@
+[Unit]
+Description=uWSGI server for Lemonldap::NG websso system
+After=network.target
+
+[Service]
+Type=simple
+RuntimeDirectory=llng-uwsgi
+PIDFile=/run/llng-uwsgi/llng-uwsgi.pid
+User=apache
+# So we can restrict the socket to 660
+Group=nginx
+# So we can read /etc/lemonldap-ng/lemonldap-ng.ini
+SupplementaryGroups=apache
+WorkingDirectory=/usr/share/lemonldap-ng/llng-server
+ExecStart=/usr/sbin/uwsgi \
+             --plugin psgi \
+             --psgi llng-server.psgi \
+             --plugin systemd_logger \
+             --logger systemd \
+             --socket /run/llng-uwsgi/llng-uwsgi.sock \
+             --chmod-socket=660 \
+             --master \
+             --workers {{ llng_workers }} \
+             --max-worker-lifetime 604800 \
+             --max-requests 100000 \
+             --disable-logging \
+             --harakiri 30 \
+             --buffer-size 65535 \
+             --limit-post 0 \
+             --safe-pidfile /run/llng-uwsgi/llng-uwsgi.pid \
+             --die-on-term
+ExecReload=kill -HUP $MAINPID
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
+ProtectHome=yes
+NoNewPrivileges=yes
+MemoryLimit={{ llng_workers * 250 }}M
+Restart=on-failure
+StartLimitInterval=0
+RestartSec=1
+
+[Install]
+WantedBy=multi-user.target