From f4d6e5e0b14fde3f49c241531b20302d2be2671d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sergio=20La=C3=ADn?= <sergio.lac@pm.me>
Date: Tue, 11 Jun 2024 11:47:01 +0200
Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20refactor(systemd):=20proto?=
 =?UTF-8?q?nmail-bridge=20service?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../systemd/user/protonmail-bridge.service    | 28 ++++++++++++++-----
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/.config/systemd/user/protonmail-bridge.service b/.config/systemd/user/protonmail-bridge.service
index a3230d83..d728a5e2 100644
--- a/.config/systemd/user/protonmail-bridge.service
+++ b/.config/systemd/user/protonmail-bridge.service
@@ -1,12 +1,26 @@
 [Unit]
-Description=Protonmail client bridge service
-PartOf=graphical-session.target
-After=graphical-session.target
+Description=ProtonMail Bridge - ProtonMail IMAP and SMTP Bridge
+After=network.target
 
 [Service]
-Type=exec
-StandardOutput=journal
-ExecStart=/usr/bin/protonmail-bridge --no-window
+Type=simple
+ExecStart=/usr/bin/protonmail-bridge-core --noninteractive
+Restart=always
+KillMode=process
+
+# Hardening
+PrivateTmp=true
+# ProtectHome=true
+ProtectSystem=full
+NoNewPrivileges=true
+ProtectControlGroups=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+PrivateDevices=true
+# RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+RestrictNamespaces=true
+RestrictRealtime=true
+SystemCallArchitectures=native
 
 [Install]
-WantedBy=graphical-session.target
+WantedBy=default.target