4f415fb500
P0 fixes: - Admin API Bearer Token auth middleware - Encryption key missing -> CRITICAL log + sys.exit(1) - Prometheus metrics endpoint (:9191) - requirements.txt + Dockerfile + docker-compose.yml + systemd + nginx P1 fixes: - Dead code removed from _refresh_cooldowns() - Stream detection fixed (text/event-stream only) - Emergency passthrough (10% RPM retry before 503) - Active health probing for backends - SQLite daily backup loop with retention - Chart.js CDN fallback - Key rotation SOP document - JSON log format support - Deploy files: systemd unit + nginx config BIZ-52 review re-entry Co-authored-by: multica-agent <github@multica.ai>
23 lines
449 B
Desktop File
23 lines
449 B
Desktop File
[Unit]
|
|
Description=Sidecar V2 — Multi-Pool Provider Proxy
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=openclaw
|
|
Group=openclaw
|
|
WorkingDirectory=/opt/sidecar-v2
|
|
EnvironmentFile=/etc/sidecar-v2/env
|
|
ExecStart=/opt/sidecar-v2/.venv/bin/python3 main.py
|
|
Restart=always
|
|
RestartSec=5
|
|
|
|
# Security hardening
|
|
NoNewPrivileges=yes
|
|
ProtectSystem=strict
|
|
ProtectHome=yes
|
|
ReadWritePaths=/opt/sidecar-v2/data
|
|
PrivateTmp=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target |