jeroneemou/caddy.service

## caddy.service
 [Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-failure

User=www-data
Group=www-data

Environment=HOME=/etc/ssl/caddy

ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID

LimitNOFILE=4096
LimitNPROC=64

PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=full
ReadWriteDirectories=/etc/ssl/caddy

CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target
	[Unit]
	Description=Caddy HTTP/2 web server
	Documentation=https://caddyserver.com/docs
	After=network-online.target
	Wants=network-online.target systemd-networkd-wait-online.service

	[Service]
	Restart=on-failure

	User=www-data
	Group=www-data

	Environment=HOME=/etc/ssl/caddy

	ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
	ExecReload=/bin/kill -USR1 $MAINPID

	LimitNOFILE=4096
	LimitNPROC=64

	PrivateTmp=true
	PrivateDevices=true
	ProtectHome=true
	ProtectSystem=full
	ReadWriteDirectories=/etc/ssl/caddy

	CapabilityBoundingSet=CAP_NET_BIND_SERVICE
	AmbientCapabilities=CAP_NET_BIND_SERVICE
	NoNewPrivileges=true

	[Install]
	WantedBy=multi-user.target