Suggest optional security hardening in systemd service

[JustArchi]

This PR adds a few additional [Service] systemd entries that are wanted for people that want to ensure additional security bulletproofing on their system.

I verified that notify_push service works properly with no errors or warnings upon applying. The configuration is compatible with TCP as well as unix socket creation, it's also compatible with standard www-data user as well as custom ones.

I believe this is worthy addition. If you want to make it truly optional, I can also comment out all of those entries, leaving them up to the user to enable. Considering the fact that it doesn't create any apparent issues however, I believe they should be enabled by default.

Thanks in advance for considering this PR.

[JustArchi]

Before:

After:

[github-actions]

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

(If you believe you should not receive this message, you can add yourself to the blocklist.)

[eeshaanSA]

Hello @JustArchi, your feedback has reached the Nextcloud team. We will have someone look into this shortly. Thank you for your contributions.