ids.alfacom.it/deployment/systemd/ids-auto-block.service

[Unit]
Description=IDS Auto-Blocking Service - Detect and Block Malicious IPs
After=network.target postgresql-16.service
Wants=ids-ml-backend.service

[Service]
Type=oneshot
User=ids
Group=ids
WorkingDirectory=/opt/ids
EnvironmentFile=/opt/ids/.env

# Esegui script auto-blocking (usa venv Python)
ExecStart=/opt/ids/python_ml/venv/bin/python3 /opt/ids/python_ml/auto_block.py

# Logging
StandardOutput=append:/var/log/ids/auto_block.log
StandardError=append:/var/log/ids/auto_block.log
SyslogIdentifier=ids-auto-block

# Security
NoNewPrivileges=true
PrivateTmp=true

# Timeout: max 5 minuti per detection+blocking
TimeoutStartSec=300

[Install]
WantedBy=multi-user.target