[Unit] Description=Sidecar V2 — Multi-Pool Provider Proxy After=network.target [Service] Type=simple User=openclaw Group=openclaw WorkingDirectory=/opt/sidecar-v2 EnvironmentFile=/etc/sidecar-v2/env ExecStart=/opt/sidecar-v2/.venv/bin/python3 main.py Restart=always RestartSec=5 # Security hardening NoNewPrivileges=yes ProtectSystem=strict ProtectHome=yes ReadWritePaths=/opt/sidecar-v2/data PrivateTmp=yes [Install] WantedBy=multi-user.target