"feat: Add Dockerfile.dev, PRODUCTION_SETUP.md, update env.example, and service myp-backend"

2025-05-23 07:57:20 +02:00
parent 6751e4a54b
commit fb66cdb6db
4 changed files with 106 additions and 1 deletions
--- a/backend/myp-backend.service
+++ b/backend/myp-backend.service
@@ -0,0 +1,36 @@
+[Unit]
+Description=MYP Backend Flask Application
+Documentation=https://github.com/your-org/myp
+After=network.target
+
+[Service]
+Type=notify
+User=myp
+Group=myp
+WorkingDirectory=/opt/myp/backend
+Environment=PATH=/opt/myp/venv/bin
+Environment=FLASK_ENV=production
+ExecStart=/opt/myp/venv/bin/gunicorn --workers=4 --worker-class=sync --bind=0.0.0.0:5000 --timeout=30 --keep-alive=5 --max-requests=1000 --max-requests-jitter=100 --preload --access-logfile=logs/access.log --error-logfile=logs/error.log --log-level=info --capture-output --enable-stdio-inheritance wsgi:application
+ExecReload=/bin/kill -s HUP $MAINPID
+KillMode=mixed
+TimeoutStopSec=5
+PrivateTmp=true
+Restart=on-failure
+RestartSec=10
+
+# Security settings
+NoNewPrivileges=true
+ProtectSystem=strict
+ProtectHome=true
+ReadWritePaths=/opt/myp/backend/logs /opt/myp/backend/instance
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectControlGroups=true
+
+# Logging
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=myp-backend
+
+[Install]
+WantedBy=multi-user.target