[Unit]
Description=AITBC Multimodal GPU Service (Port 8011)
Documentation=https://docs.aitbc.bubuit.net
After=network.target aitbc-coordinator-api.service nvidia-persistenced.service
Wants=aitbc-coordinator-api.service

[Service]
Type=simple
User=aitbc
Group=aitbc
WorkingDirectory=/opt/aitbc/apps/coordinator-api
Environment=PYTHONPATH=/opt/aitbc/apps/coordinator-api/src
Environment=PORT=8011
Environment=SERVICE_TYPE=gpu-multimodal
Environment=GPU_ENABLED=true
Environment=CUDA_VISIBLE_DEVICES=0
Environment=LOG_LEVEL=INFO
ExecStart=/usr/bin/python3 -m aitbc_gpu_multimodal.main
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
SyslogIdentifier=aitbc-multimodal-gpu

# Security settings
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/var/log/aitbc /var/lib/aitbc/data /dev/nvidia*
LimitNOFILE=65536

# GPU access
DeviceAllow=/dev/nvidia*
DevicePolicy=auto

# Resource limits
MemoryMax=4G
CPUQuota=300%

[Install]
WantedBy=multi-user.target