Mercurial > p > roundup > code

annotate scripts/systemd.gunicorn @ 7809:be6cb2e0d471

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
feat: add support for rotating jwt keys This allows jwt_secret to have multiple ',' separated secrets. The first/leftmost should be used to sign new JWTs. All of them are used (starting from left/newest) to try to verify a JWT. If the first secret is < 32 chars in length JWTs are disabled. If any of the other secrets are < 32 chars, the configuration code causes the software to exit. This prevents insecure (too short) secrets from being used. Updated doc examples and tests.
author John Rouillard <rouilj@ieee.org>
date Thu, 14 Mar 2024 19:04:19 -0400
parents c63df349f319
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6344
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
1 [Unit]
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
2 Description=Roundup Server - roundup
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
3
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
4 [Service]
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
5 User=roundup
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
6 WorkingDirectory=/path/to/roundup/trackers/roundup
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
7 SyslogIdentifier=roundup-server-roundup
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
8 ExecStart=/path/to/gunicorn -b unix:///var/run/roundup/roundup.sock wsgi -w 4 --preload --max-requests 128 --max-requests-jitter 32 --timeout 60 --graceful-timeout 60 --access-logfile - --error-logfile
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
9 ExecReload=/bin/kill -HUP $MAINPID
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
10 ExecStop = /bin/kill -s TERM $MAINPID
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
11 KillMode=mixed
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
12 Restart=on-failure
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
13 RestartSec=15s
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
14
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
15 [Install]
c63df349f319 issue2551117 - add example systemd config
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
16 WantedBy=multi-user.target
Roundup Issue Tracker: http://roundup-tracker.org/