36 lines
1.0 KiB
Desktop File
36 lines
1.0 KiB
Desktop File
[Unit]
|
|
Description=MYP Backend Flask Application
|
|
Documentation=https://github.com/your-org/myp
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=notify
|
|
User=myp
|
|
Group=myp
|
|
WorkingDirectory=/opt/myp/backend
|
|
Environment=PATH=/opt/myp/venv/bin
|
|
Environment=FLASK_ENV=production
|
|
ExecStart=/opt/myp/venv/bin/gunicorn --workers=4 --worker-class=sync --bind=0.0.0.0:5000 --timeout=30 --keep-alive=5 --max-requests=1000 --max-requests-jitter=100 --preload --access-logfile=logs/access.log --error-logfile=logs/error.log --log-level=info --capture-output --enable-stdio-inheritance wsgi:application
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
KillMode=mixed
|
|
TimeoutStopSec=5
|
|
PrivateTmp=true
|
|
Restart=on-failure
|
|
RestartSec=10
|
|
|
|
# Security settings
|
|
NoNewPrivileges=true
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
ReadWritePaths=/opt/myp/backend/logs /opt/myp/backend/instance
|
|
ProtectKernelTunables=true
|
|
ProtectKernelModules=true
|
|
ProtectControlGroups=true
|
|
|
|
# Logging
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
SyslogIdentifier=myp-backend
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target |