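# dwelling-home.service — systemd unit for "Arav's dwelling / Home".
# Read by systemd (systemd.service(5), systemd.exec(5), systemd.unit(5)).
# Full-line "#" comments only; a trailing backslash continues a line.

[Unit]
Description=Arav's dwelling / Home
# After= only orders this unit relative to network-online.target; it does
# not pull that target in. Wants= makes the ordering take effect
# (systemd.special(7) documents using both together).
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
Restart=on-failure
# Run as a transient unprivileged user; the runtime/state directories
# below are created for and owned by it.
DynamicUser=true
# Socket under the runtime directory (/var/run is conventionally a symlink
# to /run, where RuntimeDirectory= creates it — confirm on the target
# host), database under the state directory. Remaining flags are
# application settings: captcha lifetime and guestbook page size.
ExecStart=/usr/bin/dwelling-home -listen /var/run/dwelling-home/sock \
    -database-path /var/lib/dwelling-home -captcha-expiry 10m \
    -guestbook-page-size 60
# /run/dwelling-home and /var/lib/dwelling-home: created by systemd and
# kept writable for the service despite the read-only mounts below.
RuntimeDirectory=dwelling-home
StateDirectory=dwelling-home

# --- Filesystem ---
# ProtectSystem=strict already mounts the whole hierarchy read-only;
# ReadOnlyPaths=/ is kept as belt-and-braces (redundant, harmless).
ProtectSystem=strict
ReadOnlyPaths=/
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
# /proc shows only this service's processes, and nothing else is visible.
ProtectProc=noaccess
ProcSubset=pid

# --- Privileges ---
# No capabilities at all: empty bounding set, no ambient capabilities.
AmbientCapabilities=
CapabilityBoundingSet=
NoNewPrivileges=true
PrivateUsers=true
RestrictSUIDSGID=true
LockPersonality=true
# Forbids W+X memory mappings; requires a runtime that does not JIT into
# writable+executable pages — confirm for /usr/bin/dwelling-home.
MemoryDenyWriteExecute=true

# --- Kernel surface ---
ProtectClock=true
ProtectControlGroups=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
RestrictNamespaces=true
RestrictRealtime=true

# --- Network and system calls ---
# Only what a local socket plus outbound/inbound TCP needs.
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
SystemCallArchitectures=native
# Denylist of syscall groups. A leading "~" applies to the whole list, so
# one assignment equals the same groups given on separate lines. An
# allowlist (e.g. @system-service minus these groups) would be tighter;
# verify the binary's needs before switching.
SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete \
    @privileged @raw-io @reboot @swap

[Install]
WantedBy=multi-user.target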