[Unit]
Description=Ananicy-Cpp - ANother Auto NICe daemon in C++
After=local-fs.target
StartLimitIntervalSec=0
StartLimitBurst=10

[Service]
Type=simple
ExecStart=/usr/bin/ananicy-cpp start
ExecReload=/usr/bin/ananicy-cpp --reload
Nice=-5
SuccessExitStatus=143
OOMScoreAdjust=-999
Restart=always
RestartSec=10
CPUAccounting=true
MemoryHigh=16M
MemoryMax=64M

# Hardening
ProtectSystem=true
ProtectHome=true
PrivateTmp=yes
PrivateDevices=true
ProtectClock=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true

CapabilityBoundingSet=~CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_SETUID CAP_SETGID CAP_SETPCAP
ProcSubset=pid
RestrictAddressFamilies=AF_UNIX AF_NETLINK
NoNewPrivileges=true

RestrictSUIDSGID=true
RestrictNamespaces=cgroup
ProtectHostname=true
LockPersonality=true
MemoryDenyWriteExecute=true

# Filter system calls to those absolutely requrired for correct functioning.
#SystemCallErrorNumber=EPERM
#SystemCallFilter=@system-service
#SystemCallFilter=~@debug @module @mount @reboot @swap @clock @obsolete @cpu-emulation


# Required to see other processes
PrivateUsers=false
ProtectProc=default

# Required for the process-listener socket to work
PrivateNetwork=false


# Required for control groups (obviously)
ProtectControlGroups=false

# Required for future use.
RestrictRealtime=false

[Install]
WantedBy=local-fs.target