# This file should be copied to /etc/systemd/system/mail4one.service 
# Quickstart
# systemctl daemon-reload
# systemctl enable --now mail4one.service 

[Unit]
Description=Personal Mail server
Documentation=https://gitea.balki.me/balki/mail4one
After=network.target network-online.target
Requires=network-online.target

[Service]

# This user should already exist. See mail4one.conf for creating user with sysusers
User=mail4one
ExecStart=/usr/local/bin/mail4one --config /etc/mail4one/config.json

# Below allows to bind to port < 1024. Standard ports are 25, 465, 995
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE

StateDirectory=mail4one/certs mail4one/mails
StateDirectoryMode=0750
LogsDirectory=mail4one
WorkingDirectory=/var/lib/mail4one

ProtectSystem=strict
PrivateTmp=true
ProtectHome=yes
ProtectProc=invisible
NoNewPrivileges=yes

[Install]
WantedBy=multi-user.target