diff --git a/conf/bookwyrm-server.service b/conf/bookwyrm-server.service
index 8439594..98d88d6 100644
--- a/conf/bookwyrm-server.service
+++ b/conf/bookwyrm-server.service
@@ -14,11 +14,11 @@ ProtectSystem=strict
 ProtectHome=tmpfs
 InaccessiblePaths=-/media -/mnt -/srv
 PrivateTmp=yes
-TemporaryFileSystem=/run /opt
+TemporaryFileSystem=/var /run /opt __INSTALL_DIR__
 #PrivateUsers=true
 PrivateDevices=true
 BindReadOnlyPaths=__INSTALL_DIR__
-BindPaths=__INSTALL_DIR__/images __INSTALL_DIR__/static /var/run/postgresql
+BindPaths=__INSTALL_DIR__/images __INSTALL_DIR__/static /var/run/postgresql __INSTALL_DIR__/venv/bin
 LockPersonality=yes
 MemoryDenyWriteExecute=true
 PrivateMounts=true