diff --git a/csgowtfd.service b/csgowtfd.service
new file mode 100644
index 0000000..63cd215
--- /dev/null
+++ b/csgowtfd.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=CSSGOWTF backend service
+After=network.target
+
+[Service]
+DynamicUser=yes
+ExecStart=/opt/csgowtfd/csgowtfd
+WorkingDirectory=/var/lib/csgowtfd
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+DevicePolicy=closed
+ProtectSystem=strict
+ProtectHome=read-only
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+MemoryDenyWriteExecute=yes
+LockPersonality=yes
+
+[Install]
+WantedBy=multi-user.target