[Unit]
Description=AI Orquestrador API (FastAPI/Uvicorn)
After=network.target

[Service]
Type=simple
User=vitor
Group=vitor
WorkingDirectory=/opt/orquestrador
EnvironmentFile=/opt/orquestrador/.env.prod
Environment=PATH=/opt/orquestrador/venv/bin
ExecStart=/opt/orquestrador/venv/bin/uvicorn app.main:app --host 0.0.0.0 --port 8080
Restart=always
RestartSec=5

# hardening basico
NoNewPrivileges=true
PrivateTmp=true

[Install]
WantedBy=multi-user.target