diff --git a/ansible/roles/dokuwiki/defaults/main.json b/ansible/roles/dokuwiki/defaults/main.json
index d37a59c..686905f 100644
--- a/ansible/roles/dokuwiki/defaults/main.json
+++ b/ansible/roles/dokuwiki/defaults/main.json
@@ -3,13 +3,17 @@
 "var_dokuwiki_title": "DokuWiki",
 "var_dokuwiki_language": "en",
 "var_dokuwiki_licence": "cc-by-sa",
- "var_dokuwiki_oauth2_enable": false,
- "var_dokuwiki_oauth2_title": "external auth",
- "var_dokuwiki_oauth2_client_id": "dokuwiki",
- "var_dokuwiki_oauth2_client_secret": "REPLACE_ME",
- "var_dokuwiki_oauth2_auth_url": "https://auth.example.org/api/oidc/authorize",
- "var_dokuwiki_oauth2_token_url": "https://auth.example.org/api/oidc/token",
- "var_dokuwiki_oauth2_user_url": "https://auth.example.org/api/oidc/userinfo",
+ "var_dokuwiki_authentication_kind": "internal",
+ "var_dokuwiki_authentication_data_generic_auth_url": "https://auth.example.org/api/oidc/authorize",
+ "var_dokuwiki_authentication_data_generic_token_url": "https://auth.example.org/api/oidc/token",
+ "var_dokuwiki_authentication_data_generic_user_url": "https://auth.example.org/api/oidc/userinfo",
+ "var_dokuwiki_authentication_data_generic_client_id": "dokuwiki",
+ "var_dokuwiki_authentication_data_generic_client_secret": "REPLACE_ME",
+ "var_dokuwiki_authentication_data_generic_title": "external auth",
+ "var_dokuwiki_authentication_data_authelia_url_base": "https://authelia.example.org",
+ "var_dokuwiki_authentication_data_authelia_client_id": "dokuwiki",
+ "var_dokuwiki_authentication_data_authelia_client_secret": "REPLACE_ME",
+ "var_dokuwiki_authentication_data_authelia_label": "Authelia",
 "var_dokuwiki_admin_user_define": true,
 "var_dokuwiki_admin_user_name": "admin",
 "var_dokuwiki_admin_user_password": "REPLACE_ME",
diff --git a/ansible/roles/dokuwiki/templates/conf-local.php.j2 b/ansible/roles/dokuwiki/templates/conf-local.php.j2
index 25bd096..41f151b 100644
--- a/ansible/roles/dokuwiki/templates/conf-local.php.j2
+++ b/ansible/roles/dokuwiki/templates/conf-local.php.j2
@@ -5,16 +5,19 @@ $conf['license'] = '{{var_dokuwiki_licence}}';
 $conf['useacl'] = 1;
 $conf['superuser'] = '@admin';
 $conf['passcrypt'] = 'bcrypt';
-{% if var_dokuwiki_oauth2_enable %}
+{% if var_dokuwiki_authentication_kind == 'internal' %}
+$conf['authtype'] = 'authplain';
+{% endif %}
+{% if var_dokuwiki_authentication_kind == 'generic' %}
 $conf['authtype'] = 'oauth';
 $conf['disableactions'] = 'register,resendpwd,profile,profile_delete';
 $conf['plugin']['oauth']['singleService'] = 1;
 $conf['plugin']['oauth']['register-on-auth'] = 1;
-$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_oauth2_client_id}}';
-$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_oauth2_client_secret}}';
-$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_oauth2_auth_url}}';
-$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_oauth2_token_url}}';
-$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_oauth2_user_url}}';
+$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_authentication_data_generic_client_id}}';
+$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_authentication_data_generic_client_secret}}';
+$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_authentication_data_generic_auth_url}}';
+$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_authentication_data_generic_token_url}}';
+$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_authentication_data_generic_user_url}}';
 $conf['plugin']['oauthgeneric']['authmethod'] = 1;
 $conf['plugin']['oauthgeneric']['scopes'] = ['openid','email','profile','groups'];
 $conf['plugin']['oauthgeneric']['needs-state'] = 1;
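Review bot: The three independent `{% if var_dokuwiki_authentication_kind == ... %}` tests leave no fallback once the old `{% else %}` branch is removed (next hunk), so a misspelled or wrongly cased kind renders neither `authtype` nor `disableactions`, and the wiki quietly runs on DokuWiki's built-in defaults instead of the intended login method. Chain them as `{% if ... 'internal' %}` / `{% elif ... 'generic' %}` / `{% elif ... 'authelia' %}` and reject any other value before templating, for example with an `ansible.builtin.assert` task in the role. Separately, the client id, secret and URLs are pasted unescaped into single-quoted PHP strings, so a secret containing `'` or `\` breaks or alters the generated config; escape them, e.g. `{{ var_dokuwiki_authentication_data_generic_client_secret | replace("\\", "\\\\") | replace("'", "\\'") }}`. The `generic` block continues past the end of this hunk.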
@@ -22,8 +25,27 @@ $conf['plugin']['oauthgeneric']['json-user'] = 'sub';
 $conf['plugin']['oauthgeneric']['json-name'] = 'name';
 $conf['plugin']['oauthgeneric']['json-mail'] = 'email';
 $conf['plugin']['oauthgeneric']['json-grps'] = 'groups';
-$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_oauth2_title}}';
+$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_authentication_data_generic_title}}';
 $conf['plugin']['oauthgeneric']['color'] = '#333333';
-{% else %}
-$conf['authtype'] = 'authplain';
 {% endif %}
+{% if var_dokuwiki_authentication_kind == 'authelia' %}
+$conf['authtype'] = 'oauth';
+$conf['disableactions'] = 'register,resendpwd,profile,profile_delete';
+$conf['plugin']['oauth']['singleService'] = 1;
+$conf['plugin']['oauth']['register-on-auth'] = 1;
+$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_authentication_data_authelia_client_id}}';
+$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_authentication_data_authelia_client_secret}}';
+$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/authorize';
+$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/token';
+$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/userinfo';
+$conf['plugin']['oauthgeneric']['authmethod'] = 1;
+$conf['plugin']['oauthgeneric']['scopes'] = ['openid','email','profile','groups'];
+$conf['plugin']['oauthgeneric']['needs-state'] = 1;
+$conf['plugin']['oauthgeneric']['json-user'] = 'sub';
+$conf['plugin']['oauthgeneric']['json-name'] = 'name';
+$conf['plugin']['oauthgeneric']['json-mail'] = 'email';
+$conf['plugin']['oauthgeneric']['json-grps'] = 'groups';
+$conf['plugin']['oauthgeneric']['label'] = '{{"var_dokuwiki_authentication_data_authelia_label}}';
+$conf['plugin']['oauthgeneric']['color'] = '#333333';
+{% endif %}
+
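Review bot: The Authelia `label` line has a stray double quote inside the expression, `'{{"var_dokuwiki_authentication_data_authelia_label}}'`, which opens a Jinja string literal that is never closed, so the template will most likely fail to parse whichever authentication kind is selected. It should read `$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_authentication_data_authelia_label}}';`. Apart from the three URLs built from `url_base`, the `authelia` block repeats the `generic` block line for line; sharing the common `oauth`/`oauthgeneric` lines and varying only the differing values would keep security-relevant settings such as `needs-state` and `disableactions` from drifting apart between the two kinds. The interpolated id, secret and base URL are also placed unescaped into single-quoted PHP strings here.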
diff --git a/ansible/roles/dokuwiki/vardef.json b/ansible/roles/dokuwiki/vardef.json
new file mode 100644
index 0000000..4035f77
--- /dev/null
+++ b/ansible/roles/dokuwiki/vardef.json
@@ -0,0 +1,87 @@
+{
+ "directory": {
+ "type": "string",
+ "mandatory": false
+ },
+ "title": {
+ "type": "string",
+ "mandatory": false
+ },
+ "language": {
+ "type": "string",
+ "mandatory": false
+ },
+ "licence": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_kind": {
+ "type": "string",
+ "options": [
+ "internal",
+ "generic",
+ "authelia"
+ ],
+ "mandatory": false
+ },
+ "authentication_data_generic_auth_url": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_generic_token_url": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_generic_user_url": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_generic_client_id": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_generic_client_secret": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_generic_title": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_authelia_url_base": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_authelia_client_id": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_authelia_client_secret": {
+ "type": "string",
+ "mandatory": false
+ },
+ "authentication_data_authelia_label": {
+ "type": "string",
+ "mandatory": false
+ },
+ "admin_user_define": {
+ "type": "boolean",
+ "mandatory": false
+ },
+ "admin_user_name": {
+ "type": "string",
+ "mandatory": false
+ },
+ "admin_user_password": {
+ "type": "string",
+ "mandatory": false
+ },
+ "admin_user_label": {
+ "type": "string",
+ "mandatory": false
+ },
+ "admin_user_email_address": {
+ "type": "string",
+ "mandatory": false
+ }
+}
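Review bot: Both `authentication_data_*_client_secret` entries and `admin_user_password` are declared `"mandatory": false`, so, assuming this file drives variable validation, a deployment can select `generic` or `authelia` without supplying a secret and will ship the `REPLACE_ME` default from `defaults/main.json` in the generated config. If the schema cannot express "required when `authentication_kind` is X", add a role-level check that fails when the secret for the selected kind, or the admin password when `admin_user_define` is true, still equals the placeholder. It is not visible from this diff whether the `options` list on `authentication_kind` is enforced at run time; if it is not, the template has no fallback for an unknown value.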