48 lines
1.1 KiB
Desktop File
48 lines
1.1 KiB
Desktop File
[Unit]
|
|
Description=Network AI Orchestrator Service
|
|
Documentation=https://git.salmutt.dev/sal/srx-config
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
RequiresMountsFor=/shared/ai-gitops
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=netops
|
|
Group=netops
|
|
WorkingDirectory=/home/netops/orchestrator
|
|
|
|
# Load environment variables
|
|
EnvironmentFile=-/home/netops/.env
|
|
|
|
# Python virtual environment activation and script execution
|
|
ExecStart=/home/netops/orchestrator/venv/bin/python /home/netops/orchestrator/orchestrator_main.py
|
|
|
|
# Restart configuration
|
|
Restart=on-failure
|
|
RestartSec=30
|
|
StartLimitInterval=200
|
|
StartLimitBurst=5
|
|
|
|
# Resource limits
|
|
MemoryLimit=8G
|
|
CPUQuota=50%
|
|
|
|
# Environment variables
|
|
Environment="PYTHONUNBUFFERED=1"
|
|
Environment="ORCHESTRATOR_ENV=production"
|
|
|
|
# Logging
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
SyslogIdentifier=orchestrator
|
|
|
|
# Security hardening
|
|
PrivateTmp=yes
|
|
NoNewPrivileges=true
|
|
ProtectSystem=strict
|
|
ProtectHome=read-only
|
|
ReadWritePaths=/shared/ai-gitops /home/netops/orchestrator/logs /var/lib/orchestrator /var/log/orchestrator
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|