diff --git a/playbook.yml b/playbook.yml
index e372a79..0be7f23 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -23,16 +23,25 @@
       copy:
         dest: /etc/systemd/system/caddy.service
         content: |
+          # caddy.service
+          # See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
           [Unit]
-          Description=Caddy web server
-          After=network.target
+          Description=Caddy
+          Documentation=https://caddyserver.com/docs/
+          After=network.target network-online.target
+          Requires=network-online.target
 
           [Service]
-          ExecStart=/usr/local/bin/caddy run --config /etc/caddy/Caddyfile
-          Restart=always
+          Type=notify
           User=caddy
           Group=caddy
-          EnvironmentFile=/etc/caddy/.env
+          ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+          ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
+          TimeoutStopSec=5s
+          LimitNOFILE=1048576
+          PrivateTmp=true
+          ProtectSystem=full
+          AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
 
           [Install]
           WantedBy=multi-user.target