[Unit]
Description=Caddy reverse proxy

[Container]
ContainerName=caddy
Image=ghcr.io/zenfyrdev/caddy:latest
Network=host
Volume=/etc/caddy:/etc/caddy:z
Volume=/var/containers/caddy/config:/config:z
Volume=/var/containers/caddy/data:/data:z
Volume=/var/log/caddy:/var/log/caddy:z
Volume=/var/www:/var/www:z
# Security
NoNewPrivileges=true
DropCapability=ALL
AddCapability=NET_ADMIN NET_BIND_SERVICE
# Resources
Memory=1g
PodmanArgs=--memory-reservation=512m --cpu-shares=1024

[Service]
Restart=always

[Install]
WantedBy=default.target