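# systemd unit template for the Galène videoconferencing server.
# Tokens of the form __NAME__ are placeholders substituted by the packaging
# tooling before the unit is installed; they are not systemd syntax.

[Unit]
Description=Galène: Videoconferencing server
Documentation=https://galene.org
After=network.target

[Service]
Type=simple
# Run as a dedicated unprivileged account, never as root.
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/
# -insecure makes Galène serve plain HTTP instead of HTTPS. That is only
# acceptable because the listener is bound to 127.0.0.1: a TLS-terminating
# reverse proxy must sit in front of it. Do not widen the -http bind address
# while -insecure is set.
# The TURN listener and the UDP media range (49152-65535) are reachable from
# the network and need matching firewall rules.
ExecStart=__FINALPATH__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups __DATADIR__/groups -recordings __DATADIR__/recordings -data __FINALPATH__/live/data/
LimitNOFILE=65536

# various hardening options

# ProtectSystem=strict mounts the whole file system read-only for this
# service, so every directory Galène must write to has to be listed here.
# This path must match the -recordings argument in ExecStart; it was
# previously hard-coded to /var/lib/galene/recordings, which breaks recording
# whenever __DATADIR__ is anything else.
# NOTE(review): if this Galène version also writes group definitions or other
# state to disk, __DATADIR__/groups and the -data directory need to be listed
# as well — confirm against the deployed version.
# NOTE(review): ProtectHome=yes hides /home, /root and /run/user; if
# __DATADIR__ resolves under one of those, the service cannot reach it —
# confirm where the packaging places it.
ReadWritePaths=__DATADIR__/recordings

# Empty capability sets: the service holds no Linux capabilities at all, so
# __PORT__ and __TURN_PORT__ must be unprivileged ports (>= 1024).
CapabilityBoundingSet=
AmbientCapabilities=

# File-system and device isolation.
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
ProtectHome=yes
MountFlags=private
UMask=0077

# Kernel and host state the service has no reason to touch.
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectKernelLogs=yes
ProtectControlGroups=yes
ProtectHostname=yes
ProtectClock=yes

# Privilege-escalation and process-level restrictions.
NoNewPrivileges=yes
LockPersonality=yes
RestrictRealtime=yes
RestrictNamespaces=yes
RestrictSUIDSGID=yes
KeyringMode=private
MemoryDenyWriteExecute=yes
RemoveIPC=yes

# System-call deny-list (the leading ~ inverts the list: these groups are
# blocked, everything else is allowed). The duplicated @obsolete entry has
# been dropped; the resulting filter is the same.
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @raw-io @reboot @swap @obsolete @timer @resources @privileged @pkey @setuid

# Only IPv4, IPv6 and Unix-domain sockets may be created.
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX

[Install]
WantedBy=multi-user.target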