diff --git a/roles/anubis-el/files/anubis.service b/roles/anubis-el/files/anubis.service
index 72f28d141a..2b323ac693 100644
--- a/roles/anubis-el/files/anubis.service
+++ b/roles/anubis-el/files/anubis.service
@@ -3,19 +3,13 @@ Description=Anubis Container
 
 [Service]
 User=anubis
-Environment=DIFFICULTY=4
-Environment=METRICS_BIND=":9090"
-Environment=SERVE_ROBOTS_TXT="true"
-Environment=TARGET=http://localhost:3001
-Environment=POLICY_FNAME="/data/cfg/botPolicy.yaml"
-Environment=OG_PASSTHROUGH="true"
-Environment=OG_EXPIRY_TIME="24h"
 ExecStartPre=-/usr/bin/podman stop -t 1 %n
 ExecStartPre=-/usr/bin/podman rm %n --force
 ExecStart=/usr/bin/podman run \
             --net=host --userns=keep-id \
             --rm=true --name %n \
-            -v /srv/anubis:/data/ \
+            -v /srv/anubis:/srv/anubis \
+            --env-file=/srv/anubis/cfg/env \
             --publish 8923:8923 \
             ghcr.io/techarohq/anubis:latest
 ExecStop=/usr/bin/podman stop -t 1 %n
diff --git a/roles/anubis-el/tasks/main.yml b/roles/anubis-el/tasks/main.yml
index 3c4f9e3688..70401c1911 100644
--- a/roles/anubis-el/tasks/main.yml
+++ b/roles/anubis-el/tasks/main.yml
@@ -100,6 +100,16 @@
   notify:
   - Reload systemd
 
+- name: Add the anubis env file
+  ansible.builtin.template:
+    src: env.j2
+    dest: /srv/anubis/cfg/env
+    owner: root
+    group: root
+    mode: '0644'
+  notify:
+    Restart anubis-el
+
 - name: Enable and make sure pod is started
   ansible.builtin.systemd:
     name: anubis
diff --git a/roles/anubis-el/templates/env.j2 b/roles/anubis-el/templates/env.j2
new file mode 100644
index 0000000000..54a989d449
--- /dev/null
+++ b/roles/anubis-el/templates/env.j2
@@ -0,0 +1,10 @@
+DIFFICULTY=4
+METRICS_BIND=:9090
+SERVE_ROBOTS_TXT=true
+TARGET=http://localhost:3923
+POLICY_FNAME=/srv/anubis/cfg/botPolicy.yaml
+OG_PASSTHROUGH=true
+OG_EXPIRY_TIME=24h
+{% if inventory_hostname in groups['download'] %}
+ED25519_PRIVATE_KEY_HEX={{ anubis_dl_ed25519_key }}
+{% endif %}