diff --git a/.gitignore b/.gitignore
index ef47a75..1a0ffeb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,4 +15,6 @@ inventory.txt
 gitea-db.container
 gitea-srv.container
 nextcloud-db.container
-nextcloud-srv.container
\ No newline at end of file
+nextcloud-srv.container
+paperless-db.container
+paperless-srv.container
\ No newline at end of file
diff --git a/ansible/deploy_services.yml b/ansible/deploy_services.yml
index adb271e..ea9cc97 100644
--- a/ansible/deploy_services.yml
+++ b/ansible/deploy_services.yml
@@ -80,3 +80,10 @@
         service_name: "nextcloud"
         systemd_service_name: "nextcloud-pod"
         quadlet_template_src: "./my_service_templates"
+    - name: Deploy paperless
+      include_role:
+        name: rootless-podman-service
+      vars:
+        service_name: "paperless"
+        systemd_service_name: "paperless-pod"
+        quadlet_template_src: "./my_service_templates"
diff --git a/ansible/my_service_templates/paperless/paperless-broker.container b/ansible/my_service_templates/paperless/paperless-broker.container
new file mode 100644
index 0000000..5b40a8d
--- /dev/null
+++ b/ansible/my_service_templates/paperless/paperless-broker.container
@@ -0,0 +1,9 @@
+[Unit]
+Description=Paperless broker
+
+[Container]
+ContainerName=paperless-br
+Image=docker.io/redis:7
+Volume=/var/vol/paperless/br:/data:Z
+AutoUpdate=registry
+Pod=paperless.pod
diff --git a/ansible/my_service_templates/paperless/paperless-db.container.template b/ansible/my_service_templates/paperless/paperless-db.container.template
new file mode 100644
index 0000000..a7c32fa
--- /dev/null
+++ b/ansible/my_service_templates/paperless/paperless-db.container.template
@@ -0,0 +1,13 @@
+[Unit]
+Description=Paperless database
+
+[Container]
+ContainerName=paperless-db
+Image=docker.io/postgres:17
+Volume=/var/vol/paperless/db:/var/lib/postgresql/data:Z
+Environment=LANG=en_US.utf8
+Environment=POSTGRES_DB=<REDACTED>
+Environment=POSTGRES_USER=<REDACTED>
+Environment=POSTGRES_PASSWORD=<REDACTED>
+AutoUpdate=registry
+Pod=paperless.pod
diff --git a/ansible/my_service_templates/paperless/paperless-srv.container.template b/ansible/my_service_templates/paperless/paperless-srv.container.template
new file mode 100644
index 0000000..acc37fa
--- /dev/null
+++ b/ansible/my_service_templates/paperless/paperless-srv.container.template
@@ -0,0 +1,24 @@
+[Unit]
+Description=Paperless ngx server
+
+[Container]
+ContainerName=paperless-srv
+Image=ghcr.io/paperless-ngx/paperless-ngx:latest
+Volume=/var/vol/paperless/data:/usr/src/paperless/data:Z
+Volume=/var/vol/paperless/media:/usr/src/paperless/media:Z
+Volume=/var/vol/paperless/export:/usr/src/paperless/export:Z
+Volume=/var/vol/paperless/consume:/usr/src/paperless/consume:Z
+Environment=PAPERLESS_URL=https://paperless.rohrschacht.de
+Environment=PAPERLESS_SECRET_KEY=<REDACTED>
+Environment=PAPERLESS_TIME_ZONE=Europe/Berlin
+Environment=PAPERLESS_OCR_LANGUAGE=deu
+Environment=PAPERLESS_OCR_LANGUAGES=eng
+Environment=PAPERLESS_ADMIN_USER=<REDACTED>
+Environment=PAPERLESS_ADMIN_PASSWORD=<REDACTED>
+Environment=PAPERLESS_REDIS=redis://127.0.0.1:6379
+Environment=PAPERLESS_DBHOST=127.0.0.1
+Environment=PAPERLESS_DBNAME=<REDACTED>
+Environment=PAPERLESS_DBUSER=<REDACTED>
+Environment=PAPERLESS_DBPASS=<REDACTED>
+AutoUpdate=registry
+Pod=paperless.pod
diff --git a/ansible/my_service_templates/paperless/paperless.pod b/ansible/my_service_templates/paperless/paperless.pod
new file mode 100644
index 0000000..c8890bd
--- /dev/null
+++ b/ansible/my_service_templates/paperless/paperless.pod
@@ -0,0 +1,17 @@
+[Unit]
+Description=Paperless ngx deployment
+Wants=network-online.target
+After=network.target network-online.target
+
+[Pod]
+PodName=paperless
+PublishPort=127.0.0.1:8700:8000
+
+[Service]
+# Restart service when sleep finishes
+Restart=on-failure
+RestartSec=60
+
+[Install]
+# Start by default on boot
+WantedBy=multi-user.target default.target
diff --git a/ansible/traefik_config/dynamic.yml b/ansible/traefik_config/dynamic.yml
index acecc63..8674061 100644
--- a/ansible/traefik_config/dynamic.yml
+++ b/ansible/traefik_config/dynamic.yml
@@ -54,6 +54,15 @@ http:
         certResolver: letsencrypt
       service: nextcloud-service
 
+    # Router for paperless.rohrschacht.de
+    paperless-router:
+      rule: "Host(`paperless.rohrschacht.de`)"
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+      service: paperless-service
+
   services:
     # Service for wekan.rohrschacht.de
     wekan-service:
@@ -90,3 +99,9 @@ http:
       loadBalancer:
         servers:
           - url: "http://localhost:8600"
+
+    # Service for paperless.rohrschacht.de
+    paperless-service:
+      loadBalancer:
+        servers:
+          - url: "http://localhost:8700"
\ No newline at end of file