diff --git a/templates/etc/systemd/user/repair_daemon_fotothek.service.j2 b/templates/etc/systemd/user/repair_daemon_fotothek.service.j2
new file mode 100644
index 0000000000000000000000000000000000000000..0e6534475fe73726729b312aff91ab0de6674824
--- /dev/null
+++ b/templates/etc/systemd/user/repair_daemon_fotothek.service.j2
@@ -0,0 +1,36 @@
+[Unit]
+Description=Repair Tool Daemon (Fotothek)
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/perl -I/usr/lib/perl5 /usr/bin/repair_daemon.pl --sourcedir=/mnt/lza_repair_fotothek/unprocessed/ --targetdir=/mnt/lza_repair_fotothek/processed/ --logdir=/mnt/lza_repair_fotothek/log/ --minwait=65 --minfileage=65 --crashmail="{{ vault_service_files.repair_daemon_fotothek.crashmail }}" --daemonname="Repair-Daemon-Fotothek" --workers 5
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+User={{ vault_service_user }}
+Group={{ vault_service_group }}
+Type=simple
+
+### Security features
+# documented at https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+#ProtectSystem=strict
+#ProtectHome=read-only
+#ProtectHostname=true
+#ProtectClock=true
+#ProtectKernelTunables=true
+#ProtectKernelModules=true
+#ProtectKernelLogs=true
+#ProtectControlGroups=true
+#LockPersonality=true
+#MemoryDenyWriteExecute=true
+#RestrictRealtime=true
+#RestrictSUIDSGID=true
+## RemoveIPC=true
+## PrivateMounts=true
+## MountFlags=
+## SystemCallFilter is a Whitelist!!!
+#SystemCallFilter=@aio,@basic-io,@debug,@file-system,@network-io
+#SystemCallErrorNumber=1337
+
+[Install]
+WantedBy=multi-user.target