[Unit]
After=network.target

[Install]
WantedBy=default.target

[Service]
Environment="PORT=6665"
# /etc/ftth-ipe-map/conf.ini
ConfigurationDirectory=ftth-ipe-map
WorkingDirectory=/srv/www/ftth-ipe-map/webapp/
ExecStart=/srv/www/ftth-ipe-map/webapp/startGunicornService
User=ftth-ipe-map
Group=ftth-ipe-map
Restart=on-failure
RestartSec=30

# Sandboxing
#ProtectSystem=strict
#ProtectHome=tmpfs
PrivateTmp=true
PrivateDevices=true
ProtectClock=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
RestrictAddressFamilies=AF_INET
RestrictRealtime=true