diff --git a/systemd_units/caddy.service b/systemd_units/caddy.service
new file mode 100644
index 0000000..9e09f91
--- /dev/null
+++ b/systemd_units/caddy.service
@@ -0,0 +1,51 @@
+[Unit]
+Description=Caddy HTTP/2 web server
+Documentation=https://caddyserver.com/docs
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+
+[Service]
+Restart=on-abnormal
+
+; User and group the process will run as.
+User=caddy
+Group=caddy
+
+; Letsencrypt-issued certificates will be written to this directory.
+Environment=CADDYPATH=/etc/ssl/caddy
+
+; Always set "-root" to something safe in case it gets forgotten in the Caddyfile.
+ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp -envfile /etc/caddy/env
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Limit the number of file descriptors; see `man systemd.exec` for more limit settings.
+LimitNOFILE=1048576
+; Unmodified caddy is not expected to use more than that.
+LimitNPROC=512
+
+; Use private /tmp and /var/tmp, which are discarded after caddy stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=true
+; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
+ProtectHome=true
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
+; This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
+ReadWriteDirectories=/etc/ssl/caddy
+
+; The following additional security directives only work with systemd v229 or later.
+; They further restrict privileges that can be gained by caddy. Uncomment if you like.
+; Note that you may have to add capabilities required by any plugins in use.
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd_units/gitea.service b/systemd_units/gitea.service
new file mode 100644
index 0000000..9f34a29
--- /dev/null
+++ b/systemd_units/gitea.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target
+After=network.target
+Requires=postgresql.service
+
+[Service]
+LimitMEMLOCK=infinity
+LimitNOFILE=65535
+RestartSec=2s
+Type=simple
+User=git
+Group=git
+WorkingDirectory=/var/lib/gitea/
+ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd_units/mirror-bot-2.service b/systemd_units/mirror-bot-2.service
new file mode 100644
index 0000000..9741da3
--- /dev/null
+++ b/systemd_units/mirror-bot-2.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=aria2 mirror Telegram bot service
+After=network.target
+
+[Service]
+Restart=on-abort
+Type=simple
+User=bot
+WorkingDirectory=/home/bot/aria-telegram-mirror-bot-2
+ExecStartPre=/usr/bin/env bash aria.sh
+ExecStart=/usr/bin/npm start
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Use private /tmp and /var/tmp, which are discarded after the process stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=true
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
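Review bot: The comment above `PrivateDevices=true` says the directive "has been disabled in this dist", and the block introduced by "Uncomment if you like" is followed by live `CapabilityBoundingSet=`, `AmbientCapabilities=` and `NoNewPrivileges=true` lines, so both comments describe a state the file is not in; the same stale /dev comment sits above `PrivateDevices=true` in mirror-bot-2.service and mirror-bot.service. Suggest `; Use a minimal /dev. Set to 'false' if the service needs real /dev entries (e.g. on some Raspberry Pi setups).` and `; The following security directives require systemd v229 or later.` The unit also reads `-envfile /etc/caddy/env` at start; if that file carries credentials, its expected owner and mode deserve a comment here, since nothing in the unit itself constrains them.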
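Review bot: `Requires=postgresql.service` on its own does not order start-up, so gitea can be launched before PostgreSQL is ready and will then restart every `RestartSec=2s` until it is; add `After=postgresql.service` next to it (and `After=syslog.target` is obsolete on current systemd and can go). This unit also carries none of the sandboxing the sibling units use — no `PrivateTmp=true`, `ProtectSystem=full` or `NoNewPrivileges=true` — even though it runs unprivileged with state confined to `/var/lib/gitea` and `/home/git`. If `ProtectSystem=full` is adopted, `/etc/gitea/app.ini` remains readable, which is all the `-c` flag needs; write access to `/var/lib/gitea` is unaffected by that setting.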
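Review bot: `ExecReload=/bin/kill -USR1 $MAINPID` and `KillSignal=SIGQUIT` look copied from the caddy unit, where caddy interprets those signals; here `$MAINPID` under `Type=simple` is the `npm` wrapper started by `ExecStart=/usr/bin/npm start`, SIGUSR1 has no reload meaning for npm, and for a Node process it activates the inspector instead, so `systemctl reload` would most likely terminate or debug-enable the bot rather than reload it. Unless the bot handles SIGQUIT, drop the `ExecReload=` line and leave `KillSignal=` at its default SIGTERM, which is what Node and Python frameworks usually treat as a clean shutdown. The same two lines appear in mirror-bot.service, uno-bot.service, walls-bot-2.service and walls-bot.service.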
diff --git a/systemd_units/mirror-bot.service b/systemd_units/mirror-bot.service
new file mode 100644
index 0000000..b5f1bec
--- /dev/null
+++ b/systemd_units/mirror-bot.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=aria2 mirror Telegram bot service
+After=network.target
+
+[Service]
+Restart=on-abort
+Type=simple
+User=bot
+WorkingDirectory=/home/bot/aria-telegram-mirror-bot
+ExecStartPre=/usr/bin/env bash aria.sh
+ExecStart=/usr/bin/npm start
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Use private /tmp and /var/tmp, which are discarded after the process stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=true
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd_units/uno-bot.service b/systemd_units/uno-bot.service
new file mode 100644
index 0000000..d255822
--- /dev/null
+++ b/systemd_units/uno-bot.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=UNO Telegram bot service
+After=network.target
+
+[Service]
+Restart=on-abort
+Type=simple
+User=bot
+WorkingDirectory=/home/bot/mau_mau_bot
+ExecStart=/home/bot/mau_mau_bot/venv/bin/python bot.py
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Use private /tmp and /var/tmp, which are discarded after the process stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=false
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
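Review bot: Every bot unit in this commit runs as the same `User=bot` with its checkout under `/home/bot` (here, and in mirror-bot.service, mirror-bot-2.service, walls-bot.service and walls-bot-2.service), so the sandboxing separates the bots from the host but not from each other: a bad dependency pulled in by one bot's `npm start`, `gradlew run` or venv Python can read and alter the other bots' working directories and whatever tokens live there. One service account per bot (e.g. `User=uno-bot`) would close that, and also makes a per-unit `ReadWritePaths=` scoped to the bot's own directory meaningful. A comment such as `; Dedicated account so the bots cannot read each other's state and credentials.` would record the intent once that is done.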
diff --git a/systemd_units/update.sh b/systemd_units/update.sh
new file mode 100755
index 0000000..1f50fbe
--- /dev/null
+++ b/systemd_units/update.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+CL_RST="\033[0m"
+CL_YLW="\033[01;33m"
+
+function prettyPrint {
+  echo -e "${CL_YLW}${1}${CL_RST}"
+}
+
+# Grab all service names
+declare -a services=('caddy' 'gitea' 'horbiswalls-bot' 'mirror-bot' 'mirror-bot-2' 'uno-bot' 'walls-bot' 'walls-bot-2')
+
+# Now loop through each service and install it
+for service in "${services[@]}"; do
+  if [ "${1}" ] && [[ "${service}" != "${1}" && "${service}.service" != "${1}" ]]; then
+    continue
+  fi
+  prettyPrint "Installing ${service}"
+  sudo cp -v "${service}.service" /etc/systemd/system/
+  sudo systemctl daemon-reload
+  prettyPrint "Restarting ${service}"
+  sudo systemctl restart "${service}"
+  if [ ! -f "/etc/systemd/system/multi-user.target.wants/${service}.service" ]; then
+    prettyPrint "Enabling ${service}"
+    sudo systemctl enable "${service}"
+  fi
+done
diff --git a/systemd_units/walls-bot-2.service b/systemd_units/walls-bot-2.service
new file mode 100644
index 0000000..fe85c49
--- /dev/null
+++ b/systemd_units/walls-bot-2.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=horbiswalls Telegram bot service
+After=network.target
+
+[Service]
+Restart=on-abort
+Type=simple
+User=bot
+WorkingDirectory=/home/bot/walls-bot-2
+ExecStart=/home/bot/walls-bot/gradlew run
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Use private /tmp and /var/tmp, which are discarded after the process stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=false
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
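Review bot: The script has no `set -e`, so a failed `sudo cp -v` (the `services` array names `horbiswalls-bot`, for which this commit adds no `.service` file) is followed by `daemon-reload` and a `restart` of whatever unit is already installed under that name, and the relative `"${service}.service"` only resolves when the script is invoked from inside `systemd_units/`. Suggest `set -e` after the shebang, `cd "$(dirname -- "$0")"` before the loop, and replacing the hard-coded symlink test with `sudo systemctl is-enabled -q "${service}" || sudo systemctl enable "${service}"`, which also covers units enabled into a target other than multi-user. A one-line comment `# Usage: update.sh [service[.service]]  — installs all units, or just the named one` at the top would document the optional filter argument that the first `if` implements.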
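Review bot: `ExecStart=/home/bot/walls-bot/gradlew run` points into the walls-bot checkout while `WorkingDirectory=/home/bot/walls-bot-2`; the Gradle wrapper locates the project from its own path, so this unit appears to build and run walls-bot a second time rather than walls-bot-2. Change it to `ExecStart=/home/bot/walls-bot-2/gradlew run`. The `Description=` is also identical to walls-bot.service, which makes the two units indistinguishable in `systemctl status` and journal output; something like `Description=horbiswalls Telegram bot service (instance 2)` would separate them.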
diff --git a/systemd_units/walls-bot.service b/systemd_units/walls-bot.service
new file mode 100644
index 0000000..3427bea
--- /dev/null
+++ b/systemd_units/walls-bot.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=horbiswalls Telegram bot service
+After=network.target
+
+[Service]
+Restart=on-abort
+Type=simple
+User=bot
+WorkingDirectory=/home/bot/walls-bot
+ExecStart=/home/bot/walls-bot/gradlew run
+ExecReload=/bin/kill -USR1 $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+; Use private /tmp and /var/tmp, which are discarded after the process stops.
+PrivateTmp=true
+; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
+PrivateDevices=false
+; Make /usr, /boot, /etc and possibly some more folders read-only.
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
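Review bot: Starting the service through `gradlew run` makes every boot depend on the Gradle wrapper, which may fetch a Gradle distribution and project dependencies over the network before the bot is up; that turns a build step into part of the service's runtime and ties availability to `After=network.target`, which unlike `network-online.target` does not wait for connectivity. Building once with the application plugin's `installDist` task and pointing `ExecStart=` at the generated launcher script would keep start-up offline and reproducible, and would let the unit be tightened further since the bot then no longer needs to write build outputs. Until then, a comment such as `; gradlew may download Gradle and dependencies on first start and needs network access.` would at least document the dependency.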