[Unit]
Description=AITBC Advanced AI Service - Enhanced AI Capabilities
After=network.target
Wants=network.target

[Service]
Type=simple
User=aitbc
Group=aitbc
WorkingDirectory=/opt/aitbc/apps/coordinator-api
Environment=PATH=/opt/aitbc/.venv/bin
Environment=PYTHONPATH=/opt/aitbc/apps/coordinator-api/src
ExecStart=/opt/aitbc/.venv/bin/python -m app.services.advanced_ai_service
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
SyslogIdentifier=aitbc-advanced-ai

# Security settings
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/aitbc/logs /opt/aitbc/data

# Resource limits
LimitNOFILE=65536
LimitNPROC=4096

# GPU access (if available)
DeviceAllow=/dev/nvidia0 rw
DeviceAllow=/dev/nvidiactl rw
DeviceAllow=/dev/nvidia-uvm rw

[Install]
WantedBy=multi-user.target