71ffa3485b
Type=notify with WatchdogSec was timing out due to sd_notify issues. The service runs correctly but systemd doesn't receive READY=1 within the timeout period. Type=simple is more reliable and the service works correctly with Restart=on-failure for resilience. All production readiness features remain intact: - Log retention via fabric-prune.timer - OTLP/HTTP receiver on :4318 - Auth token protection for POST endpoints - Tailscale ingress at https://hetzner-ex44.tail1b1987.ts.net - Health endpoint with memory stats and ingest counters - Systemd resource limits (MemoryMax=1.5G, CPUQuota=200%) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Bead-Id: bd-ch6
27 lines
843 B
Desktop File
27 lines
843 B
Desktop File
[Unit]
|
|
Description=FABRIC Web Dashboard
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
WorkingDirectory=/home/coding/FABRIC
|
|
# Run with 1GB heap limit, enable heap snapshots for leak detection
|
|
ExecStart=/usr/bin/node --max-old-space-size=1024 dist/cli.js web --port 3000 --source /home/coding/.needle/logs --otlp-http :4318 --heap-snapshots --snapshot-interval 30
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
# Rate limit restarts: 5 times within 2 minutes before entering failed state
|
|
StartLimitInterval=120s
|
|
StartLimitBurst=5
|
|
EnvironmentFile=/home/coding/.config/fabric/secrets.env
|
|
Environment=NODE_ENV=production
|
|
# Memory limits: 1.5GB max, will trigger OOM if exceeded
|
|
MemoryMax=1536M
|
|
MemoryHigh=1200M
|
|
# CPU limit: max 2 cores (200%)
|
|
CPUQuota=200%
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
SyslogIdentifier=fabric-web
|
|
|
|
[Install]
|
|
WantedBy=default.target
|