[Unit]
Description=C4 Game Lobby
After=network.target

[Service]
Type=simple
User=games
Group=games
WorkingDirectory=/opt/c4
ExecStart=/opt/c4/c4
Restart=on-failure
RestartSec=5

Environment=PORT=8080

# Hardening
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/c4
PrivateTmp=true

[Install]
WantedBy=multi-user.target