[Unit]
Description=Telegram Bot Misaka 5882f7
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/tgbot_misaka_5882f7/bin/tgbot_misaka_5882f7
EnvironmentFile=/usr/local/tgbot_misaka_5882f7/cfg/env

Restart=on-failure
RestartSec=5

DynamicUser=yes
ProtectSystem=strict
ProtectHome=yes
PrivateDevices=yes
SystemCallFilter=@system-service
SystemCallErrorNumber=EPERM
NoNewPrivileges=yes
PrivateTmp=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
MemoryDenyWriteExecute=yes
CapabilityBoundingSet=

[Install]
WantedBy=multi-user.target