caddy.service

# This service file requires the following:
#
# 1) Group named caddy:
#      $ groupadd --system caddy
#
# 2) User named caddy, with a writeable home folder:
#      $ useradd --system \
#           --gid caddy \
#           --create-home \
#           --home-dir /var/lib/caddy \
#           --shell /usr/sbin/nologin \
#           --comment "Caddy web server" \
#           caddy
#
# 3) Caddyfile at /etc/caddy/Caddyfile that is
#    readable by the caddy user
#

[Unit]
Description=Caddy Web Server
Documentation=https://caddyserver.com/docs/
After=network.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --adapter caddyfile --resume --environ
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --adapter caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
	# This service file requires the following:
	#
	# 1) Group named caddy:
	# $ groupadd --system caddy
	#
	# 2) User named caddy, with a writeable home folder:
	# $ useradd --system \
	# --gid caddy \
	# --create-home \
	# --home-dir /var/lib/caddy \
	# --shell /usr/sbin/nologin \
	# --comment "Caddy web server" \
	# caddy
	#
	# 3) Caddyfile at /etc/caddy/Caddyfile that is
	# readable by the caddy user
	#

	[Unit]
	Description=Caddy Web Server
	Documentation=https://caddyserver.com/docs/
	After=network.target

	[Service]
	User=caddy
	Group=caddy
	ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --adapter caddyfile --resume --environ
	ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --adapter caddyfile
	TimeoutStopSec=5s
	LimitNOFILE=1048576
	LimitNPROC=512
	PrivateTmp=true
	ProtectSystem=full
	AmbientCapabilities=CAP_NET_BIND_SERVICE

	[Install]
	WantedBy=multi-user.target