[Unit]
Description=Simple Terminal Server using Webtop Containers and Podman
After=podman.service

[Service]
ExecStart=/usr/local/bin/podterminal
Type=simple
Restart=on-failure
DeviceAllow=/dev/dri/renderD128
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectKernelLogs=true
ProtectControlGroups=true
RestrictSUIDSGID=true
ProtectClock=true
PrivateTmp=true
ReadWritePaths=/run/podman/podman.sock


[Install]
WantedBy=multi-user.target