[Unit]
Description=MYP Platform - Mercedes-Benz 3D Druck Management System
Documentation=https://github.com/mercedes-benz/myp-platform
After=network.target postgresql.service mysql.service
Wants=network.target

[Service]
Type=notify
User=myp
Group=myp
WorkingDirectory=/opt/myp-platform/backend/app
Environment=PATH=/opt/myp-platform/venv/bin
Environment=MYP_ENVIRONMENT=production
Environment=FLASK_ENV=production
Environment=PYTHONPATH=/opt/myp-platform/backend/app

# Gunicorn mit Konfigurationsdatei starten
ExecStart=/opt/myp-platform/venv/bin/gunicorn app:app -c gunicorn.conf.py
ExecReload=/bin/kill -s HUP $MAINPID

# Restart-Policy
Restart=always
RestartSec=10
StartLimitInterval=60
StartLimitBurst=3

# Sicherheit
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/myp-platform/backend/app/logs
ReadWritePaths=/opt/myp-platform/backend/app/database
ReadWritePaths=/opt/myp-platform/backend/app/uploads
ReadWritePaths=/opt/myp-platform/backend/app/certs

# Ressourcen-Limits
LimitNOFILE=65536
LimitNPROC=4096
MemoryMax=2G
CPUQuota=200%

# Timeouts
TimeoutStartSec=30
TimeoutStopSec=30

# Logging
StandardOutput=journal
StandardError=journal
SyslogIdentifier=myp-platform

[Install]
WantedBy=multi-user.target