[Unit]
Description=Captive Portal enforcement service
Wants=basic.target
After=basic.target network.target
ConditionFileIsExecutable=/var/lib/python-capport/start-control.sh
ConditionPathIsDirectory=/var/lib/python-capport/venv

# TODO: start as unprivileged user but with CAP_NET_ADMIN ?
[Service]
Type=notify
WatchdogSec=10
ExecStart=/var/lib/python-capport/start-control.sh
Restart=always
ProtectSystem=full
ProtectHome=true

[Install]
WantedBy=multi-user.target