[Unit]
 Requires=nginx_<%= @id %>.socket php_fpm_<%= @id %>.service
 After=php_fpm_<%= @id %>.service

 [Service]
 User=<%= @id %>
 Type=simple
 ExecStart=/usr/sbin/nginx -c/srv/containers/<%= @id %>/nginx.conf
 ExecReload=/bin/kill -HUP $MAINPID
 TimeoutStartSec=45
 TimeoutStopSec=15
 RestartSec=10
 CPUShares=512

 # Tell nginx to inherit the listener socket file descriptor from socket activation.
 Environment=NGINX=3;

 # Nginx wants SIGQUIT instead of the default SIGTERM for a graceful shutdown.
 # Also need mixed mode in case the children are orphaned.
 KillMode=mixed
 KillSignal=SIGQUIT

 # Sandbox a root escalation.
 NoNewPrivileges=true

 # Use a file system namespace.
 PrivateTmp=true