[Exec]
Boot=1
# Next 2 lines for docker
Capability=all
SystemCallFilter=add_key keyctl

PrivateUsers=no

[Files]
#opengl
BindReadOnly=/tmp/.X11-unix
# Next line for docker
Bind=/sys/fs/cgroup
Bind=/dev/dri
#Bind=/dev/nvidia0
#Bind=/dev/nvidiactl
#Bind=/dev/nvidia-modeset
Bind=/dev/shm

# input
Bind=/dev/input

# pulseaudio
Bind=/run/user/1000/pulse:/run/user/host/pulse

# alsa
Bind=/dev/snd


# downloads
#Bind=/home/drew/Downloads