[Unit]
Description=IDS Cleanup Detections Service
Documentation=https://github.com/yourusername/ids
After=network.target postgresql.service

[Service]
Type=oneshot
User=root
WorkingDirectory=/opt/ids
EnvironmentFile=/opt/ids/.env
ExecStart=/opt/ids/deployment/run_cleanup.sh

# Logging
StandardOutput=append:/var/log/ids/cleanup.log
StandardError=append:/var/log/ids/cleanup.log

# Security
NoNewPrivileges=true
PrivateTmp=true

# Restart policy (non necessario per oneshot)
# Restart=on-failure
# RestartSec=30

[Install]
WantedBy=multi-user.target