Update the installation instructions with something a little more hardened.

README.md

@@ -73,7 +73,9 @@ First, you will need to jump to the place where you want to put the code, we wil
 
 If you place it in `/www/`, `/public_html/` or any similar folder, then there's a chance that your server might be compromised.
 
-You can navigate to your installation of Gosora by typing the following commands into the console and hitting enter:
+The following commands will pull the latest copy of Gosora off the Git repository, will create a user account to run Gosora as, will set it as the owner of the files and will start the installation process.
+
+Please type these into the console and hit enter:
 
 cd /home/
 
@@ -85,6 +87,12 @@ git clone https://github.com/Azareal/Gosora
 
 mv Gosora src
 
+useradd gosora
+
+chown -R gosora src
+
+chgrp -R www-data src
+
 cd src
 
 chmod 755 ./install-linux

gosora_example.service

@@ -3,22 +3,19 @@
 Description=Gosora
 
 [Service]
-Type=simple
+User=gosora
-# You might want to create a user / group for Gosora and set these to further harden your system, although this this might not work right now, if we're listening directly on port 80 / 443
+Group=www-data
-#User=gosoraservice
-#Group=gosoraservice
 
 Restart=on-failure
 RestartSec=10
 # Set these to the location of Gosora
 WorkingDirectory=/home/gosora/src
+AmbientCapabilities=CAP_NET_BIND_SERVICE
 # Make sure you manually run pre-run-linux before you start the service
 ExecStart=/home/gosora/src/Gosora
 
-# If things don't work for some reason, try putting # in-front of the following three lines until it does and open an issue on the bug tracker
 ProtectSystem=full
 PrivateDevices=true
-PrivateUsers=true
 
 [Install]
 WantedBy=multi-user.target