A systemd socket activated TLS twisted.web server.

server.tac.py

"""
A systemd socket activated TLS twisted.web server.

$ tree /srv/www/
/srv/www/
`-- www.example.com
    |-- server.key
    |-- server.pem
    |-- server.tac.py
    `-- static
        `-- index.html
"""
from twisted.internet import reactor
from twisted.application import internet, service
from twisted.internet.endpoints import serverFromString
from twisted.internet.ssl import PrivateCertificate
from twisted.protocols.tls import TLSMemoryBIOFactory
from twisted.web import server, static


endpoint = serverFromString(reactor, 'systemd:domain=INET:index=0')

serverFactory = server.Site(static.File('.'))

privateCert = PrivateCertificate.loadPEM(
    open('server.pem').read() + open('server.key').read())

tlsFactory = TLSMemoryBIOFactory(
    privateCert.options(), False, serverFactory)

application = service.Application('Twisted Web + systemd + TLS Example')

s = internet.StreamServerEndpointService(endpoint, tlsFactory)
s.setServiceParent(application)

www.example.com.service

[Unit]
Description=Example Web Server

[Service]
ExecStart=\
        /bin/twistd \
        --nodaemon \
        --pidfile= \
        --no_save \
        --python=/srv/www/www.example.com/server.tac.py

NonBlocking=true

WorkingDirectory=/srv/www/www.example.com

Restart=always

www.example.com.socket

[Socket]
ListenStream=0.0.0.0:443

[Install]
WantedBy=sockets.target