diff --git a/roles/docker-peertube/tasks/disable-oidc.yml b/roles/docker-peertube/tasks/disable-oidc.yml
new file mode 100644
index 00000000..65406dd0
--- /dev/null
+++ b/roles/docker-peertube/tasks/disable-oidc.yml
@@ -0,0 +1,5 @@
+- name: "Uninstall auth-openid-connect plugin for Peertube"
+ command: >
+ docker exec {{ container_name }} \
+ npm run plugin:uninstall -- --npm-name {{oidc_plugin}}
+ ignore_errors: true
diff --git a/roles/docker-peertube/tasks/enable-oidc.yml b/roles/docker-peertube/tasks/enable-oidc.yml
new file mode 100644
index 00000000..9aa51843
--- /dev/null
+++ b/roles/docker-peertube/tasks/enable-oidc.yml
@@ -0,0 +1,16 @@
+- name: "Install auth-openid-connect plugin for Peertube"
+ command: >
+ docker exec {{ container_name }} \
+ npm run plugin:install -- --npm-name {{oidc_plugin}}
+
+- name: Update Peertube config for OpenID Connect
+ ansible.builtin.lineinfile:
+ path: /opt/peertube/config/production.yaml
+ regexp: '^{{ item.key }}:'
+ line: "{{ item.key }}: {{ item.value }}"
+ loop:
+ - { key: "oidc.client_id", value: "{{ oidc_client_id }}" }
+ - { key: "oidc.client_secret", value: "{{ oidc_client_secret }}" }
+ - { key: "oidc.discover_url", value: "{{ oidc_discover_url }}" }
+ - { key: "oidc.scope", value: "openid email profile" }
+ become: yes
diff --git a/roles/docker-peertube/tasks/main.yml b/roles/docker-peertube/tasks/main.yml
index 589c027b..363e6f91 100644
--- a/roles/docker-peertube/tasks/main.yml
+++ b/roles/docker-peertube/tasks/main.yml
@@ -13,3 +13,11 @@
 - name: "copy docker-compose.yml and env file"
 include_tasks: copy-docker-compose-and-env.yml
+
+- name: "Install and activate auth-openid-connect plugin if OIDC is enabled"
+ include_tasks: enable-oidc.yml
+ when: applications | is_feature_enabled('oidc',application_id)
+
+- name: "Deinstall and disable auth-openid-connect plugin if OIDC is enabled"
+ include_tasks: disable-oidc.yml
+ when: applications | is_feature_enabled('oidc',application_id)
\ No newline at end of file
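Review bot: The trailing backslash on `docker exec {{ container_name }} \` is passed through as a literal argument here, because a `>` folded scalar turns the line break into a space rather than a shell continuation and the `command` module does not invoke a shell, so docker exec receives `\ npm run …` instead of `npm run …`. Drop the backslash and let the fold join the two lines, or switch to `shell:` with a `|` literal block; the same construct appears in the install task in enable-oidc.yml. `ignore_errors: true` on this task would mask exactly that failure, and since `plugin:uninstall` runs on every play the task also reports changed unconditionally; a `failed_when` scoped to the genuinely tolerable case plus a `changed_when` is narrower than ignoring every error. `{{ oidc_plugin }}` with spaces would also satisfy ansible-lint's jinja spacing rule.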
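Review bot: The lineinfile loop places `oidc_client_secret` in the task's `line:` value, so the secret is printed in the per-item task result and in any Ansible log unless the task sets `no_log: true`; add it next to `become`. `become: yes` should be `become: true` (yamllint truthy). `regexp: '^{{ item.key }}:'` uses the key unescaped, so the `.` in `oidc.client_id` matches any character; `regexp: '^{{ item.key | regex_escape }}:'` matches exactly. It also looks like this writes flat dotted keys (`oidc.client_id: …`) at the top level of a nested YAML file — confirm that PeerTube or the plugin actually reads these keys from production.yaml rather than from plugin settings, since a top-level `oidc.client_id` key is not the same as a nested `oidc:` mapping.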
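Review bot: The `when` on the new disable-oidc include is identical to the one on the enable-oidc include, so with the feature on the plugin is installed and then immediately uninstalled on every run, and with it off neither task runs. The second include should read `when: not (applications | is_feature_enabled('oidc', application_id))` and its name `"Uninstall and disable auth-openid-connect plugin if OIDC is disabled"`. The file is also left without a trailing newline after the last `when:` line.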
diff --git a/roles/docker-peertube/vars/configuration.yml b/roles/docker-peertube/vars/configuration.yml
index e3de3283..4553c84b 100644
--- a/roles/docker-peertube/vars/configuration.yml
+++ b/roles/docker-peertube/vars/configuration.yml
@@ -4,6 +4,7 @@ features:
 css: false
 portfolio_iframe: false
 central_database: true
+ oidc: false
 csp:
 flags:
 script-src:
diff --git a/roles/docker-peertube/vars/main.yml b/roles/docker-peertube/vars/main.yml
index cb5ec7b5..1e13ca7d 100644
--- a/roles/docker-peertube/vars/main.yml
+++ b/roles/docker-peertube/vars/main.yml
@@ -1,2 +1,4 @@
-application_id: "peertube"
-database_type: "postgres"
\ No newline at end of file
+application_id: "peertube"
+database_type: "postgres"
+container_name: "{{ application_id }}"
+oidc_plugin: "peertube-plugin-auth-openid-connect"
\ No newline at end of file