diff --git a/conf/bookwyrm-server.service b/conf/bookwyrm-server.service
index f807ad1..8439594 100644
--- a/conf/bookwyrm-server.service
+++ b/conf/bookwyrm-server.service
@@ -14,11 +14,11 @@ ProtectSystem=strict
 ProtectHome=tmpfs
 InaccessiblePaths=-/media -/mnt -/srv
 PrivateTmp=yes
-TemporaryFileSystem=/var /run
+TemporaryFileSystem=/run /opt
 #PrivateUsers=true
 PrivateDevices=true
 BindReadOnlyPaths=__INSTALL_DIR__
-BindPaths=__INSTALL_DIR__/images __INSTALL_DIR__/static /var/run/postgresql __INSTALL_DIR__/venv/bin/
+BindPaths=__INSTALL_DIR__/images __INSTALL_DIR__/static /var/run/postgresql
 LockPersonality=yes
 MemoryDenyWriteExecute=true
 PrivateMounts=true