[Unit]
Description=Taiga protected
After=network.target rabbitmq-server.service

[Service]
User={{ taiga_user }}
Group={{ taiga_user }}
Environment=PYTHONUNBUFFERED=true
WorkingDirectory={{ taiga_root_dir }}/app/protected
ExecStart={{ taiga_root_dir }}/venv/bin/gunicorn --workers 4 --timeout 60 --log-level=info --access-logfile - --bind 127.0.0.1:{{ taiga_ports['protected'] }} server:app
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=full
ProtectHome=yes
NoNewPrivileges=yes
MemoryLimit=512M
SyslogIdentifier=taiga-protected
Restart=on-failure
StartLimitInterval=0
RestartSec=30

[Install]
WantedBy=multi-user.target