diff --git a/roles/mastodon/templates/mastodon-streaming.service.j2 b/roles/mastodon/templates/mastodon-streaming.service.j2
index 409310c..66cc347 100644
--- a/roles/mastodon/templates/mastodon-streaming.service.j2
+++ b/roles/mastodon/templates/mastodon-streaming.service.j2
@@ -1,51 +1,12 @@
 [Unit]
 Description=mastodon-streaming
 After=network.target
+Wants=mastodon-streaming@4000.service
 [Service]
-Type=simple
-User=mastodon
-WorkingDirectory={{ mastodon_home }}/live
-Environment="NODE_ENV=production"
-Environment="PORT=4000"
-Environment="STREAMING_CLUSTER_NUM=1"
-ExecStart=/usr/bin/node ./streaming
-TimeoutSec=15
-Restart=always
-# Proc filesystem
-ProcSubset=pid
-ProtectProc=invisible
-# Capabilities
-CapabilityBoundingSet=
-# Security
-NoNewPrivileges=true
-# Sandboxing
-ProtectSystem=strict
-PrivateTmp=true
-PrivateDevices=true
-PrivateUsers=true
-ProtectHostname=true
-ProtectKernelLogs=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectControlGroups=true
-RestrictAddressFamilies=AF_INET
-RestrictAddressFamilies=AF_INET6
-RestrictAddressFamilies=AF_NETLINK
-RestrictAddressFamilies=AF_UNIX
-RestrictNamespaces=true
-LockPersonality=true
-RestrictRealtime=true
-RestrictSUIDSGID=true
-RemoveIPC=true
-PrivateMounts=true
-ProtectClock=true
-# System Call Filtering
-SystemCallArchitectures=native
-SystemCallFilter=~@cpu-emulation @debug @keyring @ipc @memlock @mount @obsolete @privileged @resources @setuid
-SystemCallFilter=pipe
-SystemCallFilter=pipe2
-ReadWritePaths={{ mastodon_home }}/live
+Type=oneshot
+ExecStart=/bin/echo "mastodon-streaming exists only to collectively start and stop mastodon-streaming@ instances, shimming over the migration to templated mastodon-streaming systemd unit"
+RemainAfterExit=yes
 [Install]
 WantedBy=multi-user.target
diff --git a/roles/mastodon/templates/mastodon-streaming@.service.j2 b/roles/mastodon/templates/mastodon-streaming@.service.j2
new file mode 100644
index 0000000..4104abe
--- /dev/null
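Review bot: `Wants=mastodon-streaming@4000.service` is a weak dependency, so once the oneshot `/bin/echo` has exited, `mastodon-streaming.service` reports active even if the @4000 instance failed to start or crashes later, and any alerting keyed on the aggregate unit will stay green while no streaming server is running. If the aggregate state is meant to reflect the real service, use `Requires=mastodon-streaming@4000.service` (start fails when the instance cannot start) and point health checks at the `mastodon-streaming@*` instances themselves, which carry `Restart=always`. The port is also hard-coded in a `.j2` template; the instance list presumably ought to be rendered from a role variable so that `Wants=` and the enabled instances cannot drift apart. As a style point, the explanatory sentence is written to the journal on every start through `/bin/echo`; the same intent reads better as a `#` comment above `ExecStart=/bin/true`, e.g. `# Aggregate unit: starts/stops all mastodon-streaming@ instances via PartOf=; no service of its own.`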
+++ b/roles/mastodon/templates/mastodon-streaming@.service.j2
@@ -0,0 +1,54 @@
+[Unit]
+Description=mastodon-streaming on port %I
+After=network.target
+# handles using `systemctl restart mastodon-streaming`
+PartOf=mastodon-streaming.service
+ReloadPropagatedFrom=mastodon-streaming.service
+
+[Service]
+Type=simple
+User=mastodon
+WorkingDirectory={{ mastodon_home }}/live
+Environment="NODE_ENV=production"
+Environment="PORT=%i"
+ExecStart=/usr/bin/node ./streaming
+TimeoutSec=15
+Restart=always
+LimitNOFILE=65536
+# Proc filesystem
+ProcSubset=pid
+ProtectProc=invisible
+# Capabilities
+CapabilityBoundingSet=
+# Security
+NoNewPrivileges=true
+# Sandboxing
+ProtectSystem=strict
+PrivateTmp=true
+PrivateDevices=true
+PrivateUsers=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+RestrictAddressFamilies=AF_INET
+RestrictAddressFamilies=AF_INET6
+RestrictAddressFamilies=AF_NETLINK
+RestrictAddressFamilies=AF_UNIX
+RestrictNamespaces=true
+LockPersonality=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+RemoveIPC=true
+PrivateMounts=true
+ProtectClock=true
+# System Call Filtering
+SystemCallArchitectures=native
+SystemCallFilter=~@cpu-emulation @debug @keyring @ipc @memlock @mount @obsolete @privileged @resources @setuid
+SystemCallFilter=pipe
+SystemCallFilter=pipe2
+ReadWritePaths={{ mastodon_home }}/live
+
+[Install]
+WantedBy=multi-user.target mastodon-streaming.service
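Review bot: `ReloadPropagatedFrom=mastodon-streaming.service` appears to be dead configuration, because the shim unit in the first file defines no `ExecReload=`, so `systemctl reload mastodon-streaming` is rejected as not applicable before any propagation can happen; either add `ExecReload=/bin/true` to the shim or drop this line, since the comment above it only promises `restart`, which `PartOf=` already covers. `LimitNOFILE=65536` is new relative to the old unit and has no why-comment; something like `# one descriptor per open streaming connection; the 1024 default is exhausted quickly` would tell the next maintainer why it is there. Note also that the instance name is passed straight through as `Environment="PORT=%i"`, so a unit started with a non-numeric instance name yields an invalid PORT; a short comment stating that the instance name must be a TCP port would make the contract explicit.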