[Unit] Description=C++ daemon for accessing the I2P network After=network.target [Service] Type=forking Restart=on-abnormal User=i2pd Group=i2pd LimitNOFILE=4096 # restrictions ProtectSystem=full ProtectHome=yes ProtectControlGroups=yes ProtectKernelLogs=yes ProtectKernelModules=yes ProtectKernelTunables=yes ProtectClock=yes PrivateUsers=yes PrivateDevices=yes PrivateTmp=yes RestrictNamespaces=yes RestrictSUIDSGID=yes CapabilityBoundingSet= NoNewPrivileges=yes RuntimeDirectory=i2pd RuntimeDirectoryMode=0700 PIDFile=/run/i2pd/i2pd.pid ExecStartPre=+/bin/touch /var/log/i2pd.log ExecStartPre=+/bin/chown i2pd:i2pd /var/log/i2pd.log ExecStartPre=+/bin/chmod 600 /var/log/i2pd.log ExecStart=/usr/bin/i2pd --daemon --service --pidfile=${RUNTIME_DIRECTORY}/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf [Install] WantedBy=multi-user.target