[Unit] Description=Prometheus metrics exporter for Unifi Controller Wants=unifi.service After=unifi.service [Container] Image={{ unifi_exporter_container_image }}:{{ unifi_exporter_version }} Volume=/etc/unifi_exporter.yml:/etc/unifi_exporter.yml:ro Network=host NoNewPrivileges=yes Exec=-config.file /etc/unifi_exporter.yml User=200 Group=200 VolatileTmp=yes [Service] Restart=always RestartSec=2 PrivateTmp=yes ProtectClock=yes ProtectHome=yes ProtectKernelModules=yes ProtectProc=invisible ProtectSystem=strict ReadWritePaths=/run ReadWritePaths=/var/lib/containers/storage RestrictRealtime=yes UMask=0077 [Install] WantedBy=multi-user.target