Security Enhancements: Production WSGI, Rate Limiting, Security Headers, Secure Logging
79ea999
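#!/bin/bash
# Production startup script for HonestAI.
#
# Validates the environment, prepares the log directory, then replaces this
# shell with Gunicorn serving flask_api_standalone:app.
#
# Environment:
#   HF_TOKEN            required; only its presence is checked, never printed
#   OMP_NUM_THREADS     optional positive integer, default 4
#   LOG_DIR             optional, default /tmp/logs
#   PORT                optional TCP port (1-65535), default 7860
#   GUNICORN_WORKERS    optional positive integer, default 4
#   RATE_LIMIT_ENABLED  optional, default true
#
# Do not enable `set -x` here: tracing would write secret-bearing variables
# such as HF_TOKEN into the logs.
set -euo pipefail

# Succeeds only for a decimal integer greater than zero. The length cap keeps
# the arithmetic comparison from overflowing on absurdly long digit strings.
is_positive_int() {
  [[ "$1" =~ ^[0-9]{1,9}$ ]] && ((10#$1 > 0))
}

echo "============================================================"
echo "HonestAI Production Startup Script"
echo "============================================================"

# Validate HF_TOKEN (presence only; the value is never echoed).
if [[ -z "${HF_TOKEN:-}" ]]; then
  echo "ERROR: HF_TOKEN environment variable is not set" >&2
  echo "Please set HF_TOKEN in Space Settings → Repository secrets" >&2
  exit 1
fi
echo "✓ HF_TOKEN is set"

# Validate OMP_NUM_THREADS, falling back to 4 when it is unset or invalid.
if [[ -z "${OMP_NUM_THREADS:-}" ]]; then
  echo "WARNING: OMP_NUM_THREADS not set, defaulting to 4" >&2
  OMP_NUM_THREADS=4
elif ! is_positive_int "$OMP_NUM_THREADS"; then
  printf "WARNING: Invalid OMP_NUM_THREADS='%s', setting to 4\n" \
    "$OMP_NUM_THREADS" >&2
  OMP_NUM_THREADS=4
fi
export OMP_NUM_THREADS
printf '✓ OMP_NUM_THREADS set to %s\n' "$OMP_NUM_THREADS"

# MKL_NUM_THREADS is always pinned to the validated OMP value. The original
# script exported it unconditionally and then tested whether it was empty, so
# that second test could never fire; the effective behaviour is kept and the
# dead branch dropped.
export MKL_NUM_THREADS="$OMP_NUM_THREADS"
printf '✓ MKL_NUM_THREADS set to %s\n' "$MKL_NUM_THREADS"

# Set secure log directory.
# Exported so the server process inherits the same value this script reports
# (assumes the application reads LOG_DIR; confirm against the app code).
LOG_DIR=${LOG_DIR:-/tmp/logs}
export LOG_DIR
# -m 700 applies the mode at creation, so a freshly created directory is never
# briefly readable by other users before the chmod below runs.
mkdir -p -m 700 -- "$LOG_DIR"
# The default lives under world-writable /tmp, where another local user could
# have created the path first. mkdir -p succeeds on an existing directory, so
# check what we actually ended up with.
if [[ -L "$LOG_DIR" || ! -O "$LOG_DIR" ]]; then
  printf 'Warning: %s is a symlink or is not owned by the current user\n' \
    "$LOG_DIR" >&2
fi
# Best effort, as before: a failed chmod is reported but does not abort startup.
chmod 700 -- "$LOG_DIR" 2>/dev/null ||
  echo "Warning: Could not set log directory permissions" >&2
printf '✓ Log directory: %s\n' "$LOG_DIR"

# Set default port if not specified; reject values that are not a TCP port
# here rather than letting Gunicorn fail later with a less obvious message.
PORT=${PORT:-7860}
if ! is_positive_int "$PORT" || ((10#$PORT > 65535)); then
  printf "ERROR: Invalid PORT='%s' (expected 1-65535)\n" "$PORT" >&2
  exit 1
fi
printf '✓ Port: %s\n' "$PORT"

# Set default workers (adjust based on CPU cores).
WORKERS=${GUNICORN_WORKERS:-4}
if ! is_positive_int "$WORKERS"; then
  printf "ERROR: Invalid GUNICORN_WORKERS='%s' (expected a positive integer)\n" \
    "$WORKERS" >&2
  exit 1
fi
printf '✓ Gunicorn workers: %s\n' "$WORKERS"

# Set rate limiting.
# Exported so the default announced below actually reaches the application;
# without the export an unset variable stayed local to this shell.
# NOTE(review): if the limiter keeps its counters in process memory, each
# worker enforces its own quota; confirm the storage backend.
RATE_LIMIT_ENABLED=${RATE_LIMIT_ENABLED:-true}
export RATE_LIMIT_ENABLED
printf '✓ Rate limiting: %s\n' "$RATE_LIMIT_ENABLED"

echo "============================================================"
echo "Starting Gunicorn production server..."
echo "============================================================"

# Start Gunicorn with proper configuration.
# exec replaces this shell, so signals from the platform go straight to the
# Gunicorn master. Access and error logs go to stdout/stderr ("-").
# NOTE(review): 0.0.0.0 listens on every interface; presumably intended for a
# container behind the Space's proxy; restrict the bind address elsewhere.
exec gunicorn \
  --bind "0.0.0.0:$PORT" \
  --workers "$WORKERS" \
  --threads 2 \
  --timeout 120 \
  --keep-alive 5 \
  --access-logfile - \
  --error-logfile - \
  --log-level info \
  --capture-output \
  flask_api_standalone:app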