diff --git a/bin/deploy/systemd/conservancy-www-db.service b/bin/deploy/systemd/conservancy-www-db.service
new file mode 100644
index 0000000000000000000000000000000000000000..a6ff38ef6b57483841185e41138628055e0d370e
--- /dev/null
+++ b/bin/deploy/systemd/conservancy-www-db.service
@@ -0,0 +1,28 @@
+# Update the fundraiser total/sustainer list from an SQL file on Apache restart.
+
+[Unit]
+Description=Update Conservancy website database
+Before=apache2.service
+
+[Service]
+Type=oneshot
+User=www-data
+ExecStart=/usr/bin/sqlite3 -bail /var/lib/www/database/conservancy-website.sqlite3 ".timeout 30000" "BEGIN TRANSACTION;" ".read /home/debian/django-supporters-list.sql" "COMMIT;"
+
+SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete
+CapabilityBoundingSet=
+NoNewPrivileges=true
+
+PrivateDevices=true
+PrivateNetwork=true
+PrivateTmp=true
+PrivateUsers=false
+ProtectControlGroups=true
+ProtectHome=read-only
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=strict
+ReadWritePaths=/var/lib/www/database
+
+[Install]
+WantedBy=apache2.service