[Unit]
Description=Semblance back end service
After=network.target

[Service]
Type=exec
User=www-data
Group=www-data
WorkingDirectory=/var/www/html/semblance/backend
Environment=PATH=/var/www/html/semblance/backend/venv/bin
ExecStart=/var/www/html/semblance/backend/venv/bin/python /var/www/html/semblance/backend/run.py
Restart=always
RestartSec=5

# Output to journal
StandardOutput=journal
StandardError=journal
SyslogIdentifier=semblance

# Security settings (adjusted for file uploads)
NoNewPrivileges=yes
ProtectSystem=false
ProtectHome=yes

# Allow access to temp directories
PrivateTmp=no

# Writable directories for uploads and temp files
ReadWritePaths=/var/www/html/semblance/backend/uploads
ReadWritePaths=/var/www/html/semblance/backend/temp
ReadWritePaths=/tmp
ReadWritePaths=/var/tmp

# Create necessary directories
ExecStartPre=/bin/mkdir -p /var/www/html/semblance/backend/uploads
ExecStartPre=/bin/mkdir -p /var/www/html/semblance/backend/temp
ExecStartPre=/bin/chown -R www-data:www-data /var/www/html/semblance/backend/uploads
ExecStartPre=/bin/chown -R www-data:www-data /var/www/html/semblance/backend/temp

[Install]
WantedBy=multi-user.target