diff --git a/mastodon.yml b/mastodon.yml
index cc87b5c..f78b350 100644
--- a/mastodon.yml
+++ b/mastodon.yml
@@ -12,3 +12,5 @@
 active_record_encryption_deterministic_key: "{{ mastodon.active_record_encryption_deterministic_key }}"
 active_record_encryption_key_derivation_salt: "{{ mastodon.active_record_encryption_key_derivation_salt }}"
 active_record_encryption_primary_key: "{{ mastodon.active_record_encryption_primary_key }}"
+ oidc_client_id: "oD2Vg5shQju164gYmju8"
+ oidc_client_secret: "{{ mastodon.oidc_client_secret }}"
diff --git a/roles/mastodon/templates/mastodon.env.j2 b/roles/mastodon/templates/mastodon.env.j2
index e4c7897..9dd5e78 100644
--- a/roles/mastodon/templates/mastodon.env.j2
+++ b/roles/mastodon/templates/mastodon.env.j2
@@ -37,3 +37,13 @@ S3_HOSTNAME={{ s3_hostname }}
 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ active_record_encryption_deterministic_key }}
 ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ active_record_encryption_key_derivation_salt }}
 ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ active_record_encryption_primary_key }}
+
+OIDC_ENABLED=true
+OIDC_DISPLAY_NAME=comfycamp.space
+OIDC_ISSUER=https://comfycamp.space
+OIDC_DISCOVERY=true
+OIDC_SCOPE=openid,profile,email
+OIDC_UID_FIELD=preferred_username
+OIDC_REDIRECT_URI=https://m.comfycamp.space/auth/auth/openid_connect/callback
+OIDC_CLIENT_ID={{ oidc_client_id }}
+OIDC_CLIENT_SECRET={{ oidc_client_secret }}
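Review bot: The literal `oidc_client_id` value added in the mastodon.yml hunk sits next to keys that are all templated from `mastodon.*`, so a reader or a secret scanner can easily mistake it for a leaked credential. An OIDC client ID is a public identifier, so committing it is acceptable, but a comment above it such as `# OIDC client ID: public identifier, not a secret; the secret comes from mastodon.oidc_client_secret` would record that decision. The definition of `mastodon.oidc_client_secret` is not part of this diff; it is presumably kept in an encrypted vars file, which is worth confirming before merge. The enclosing mapping starts outside the hunk.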
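Review bot: `OIDC_UID_FIELD=preferred_username` in the mastodon.env.j2 hunk links local accounts to a claim that OpenID Connect Core says a relying party must not treat as unique or stable, so a renamed or recycled username at the issuer could attach a login to another person's Mastodon account. Unless the provider behind `OIDC_ISSUER` guarantees immutable, never-reused usernames, prefer the subject identifier, `OIDC_UID_FIELD=sub`, or add a comment above the line recording that guarantee. The client secret is also written into the rendered env file in clear text; the task that renders this template is outside the diff, so confirm it sets a restrictive file mode such as `mode: "0600"` and does not echo the rendered content into logs.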