mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-04-15 17:53:09 +02:00
45 lines
1.2 KiB
Django/Jinja
45 lines
1.2 KiB
Django/Jinja
[Unit]
|
|
Description=uWSGI server for Lemonldap::NG websso system
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
RuntimeDirectory=llng-uwsgi
|
|
PIDFile=/run/llng-uwsgi/llng-uwsgi.pid
|
|
User=apache
|
|
# So we can restrict the socket to 660
|
|
Group=nginx
|
|
# So we can read /etc/lemonldap-ng/lemonldap-ng.ini
|
|
SupplementaryGroups=apache
|
|
WorkingDirectory=/usr/share/lemonldap-ng/llng-server
|
|
ExecStart=/usr/sbin/uwsgi \
|
|
--plugin psgi \
|
|
--psgi llng-server.psgi \
|
|
--plugin systemd_logger \
|
|
--logger systemd \
|
|
--socket /run/llng-uwsgi/llng-uwsgi.sock \
|
|
--chmod-socket=660 \
|
|
--master \
|
|
--workers {{ llng_workers }} \
|
|
--max-worker-lifetime 604800 \
|
|
--max-requests 100000 \
|
|
--disable-logging \
|
|
--harakiri 30 \
|
|
--buffer-size 65535 \
|
|
--limit-post 0 \
|
|
--safe-pidfile /run/llng-uwsgi/llng-uwsgi.pid \
|
|
--die-on-term
|
|
ExecReload=kill -HUP $MAINPID
|
|
PrivateTmp=yes
|
|
PrivateDevices=yes
|
|
ProtectSystem=full
|
|
ProtectHome=yes
|
|
NoNewPrivileges=yes
|
|
MemoryLimit={{ llng_workers * 250 }}M
|
|
Restart=on-failure
|
|
StartLimitInterval=0
|
|
RestartSec=1
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|