Add nnss-sproxy

nnss-sproxy@.socket

@@ -0,0 +1,16 @@
+[Unit]
+Description=Socket to connect to a service running inside a network namespace
+
+[Socket]
+ListenStream=/run/nnss-%i.sock
+
+# By default, the above socket is world writable
+# To restrict to just the web server, Run
+# sudo systemctl edit nnss-sproxy@.socket --drop-in=sockperms.conf
+# and add below settings. (change to your web server user)
+# SocketGroup=caddy
+# SocketMode=0660
+
+
+[Install]
+WantedBy=sockets.target