[Unit]
After=network.target
Description=BitOMC server
StartLimitBurst=120
StartLimitIntervalSec=10m

[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
Environment=RUST_BACKTRACE=1
Environment=RUST_LOG=info
ExecStart=/usr/local/bin/bitomc \
  --bitcoin-data-dir /var/lib/bitcoind \
  --chain ${CHAIN} \
  --config-dir /var/lib/bitomc \
  --datadir /var/lib/bitomc
  server \
  --acme-contact mailto:joshsdoman@gmail.com \
  --csp-origin https://${CSP_ORIGIN} \
  --http \
  --https \
  --disable-json-api
Group=bitomc
LimitNOFILE=65536
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
Restart=on-failure
RestartSec=5s
StateDirectory=bitomc
StateDirectoryMode=0700
TimeoutStopSec=10m
Type=simple
User=bitomc
WorkingDirectory=/var/lib/bitomc

[Install]
WantedBy=multi-user.target