[Unit]
Description=Ollama Service
After=network-online.target

[Service]
;ExecStart=/usr/bin/ollama serve
ExecStart=/usr/local/bin/ollama serve
User=ollama
Group=ollama
# Restart=always
RestartSec=3
Environment="PATH=$PATH"
EnvironmentFile=/etc/ollama/serve.conf
# WorkingDirectory=/var/lib/ollama
StateDirectory=ollama
UMask=0077
Restart=on-failure

# ProtectSystem=full
ProtectHome=true
PrivateTmp=true
NoNewPrivileges=true
CapabilityBoundingSet=
AmbientCapabilities=
LockPersonality=true
# MemoryDenyWriteExecute=true

MemoryDenyWriteExecute=false
DeviceAllow=char-nvidiactl rw
DeviceAllow=char-nvidia-uvm rw
DeviceAllow=char-nvidia-modeset rw

[Install]
WantedBy=multi-user.target