[Unit]
Description=System Stats MQTT Daemon
After=network.target

[Service]
Type=exec
User=root
Group=root
ExecStart=/opt/system_stats_daemon/bin/system_stats_daemon start
ExecStop=/opt/system_stats_daemon/bin/system_stats_daemon stop
Restart=always
RestartSec=5
StandardOutput=journal
StandardError=journal
SyslogIdentifier=system_stats_daemon
WorkingDirectory=/opt/system_stats_daemon

# Security settings - still apply restrictions where possible
NoNewPrivileges=true
PrivateTmp=true
ProtectHome=true
# Don't use ProtectSystem=strict since we need to read system stats
ProtectSystem=false

[Install]
WantedBy=multi-user.target