[Unit]
Description=vault
After=network.target

[Service]
AmbientCapabilities=CAP_IPC_LOCK
ExecStart={{ bin_dir }}/vault server --config={{ vault_config_dir }}/config.json
LimitNOFILE=40000
NotifyAccess=all
Restart=always
RestartSec=10s
User={{ vault_adduser_vars.name }}

[Install]
WantedBy=multi-user.target