From 8e7f855af014f9a7a99747666a6b8e51fa4684cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Kucharczyk?= <lukas@kucharczyk.xyz>
Date: Mon, 17 Nov 2025 13:53:54 +0100
Subject: [PATCH] mealie: update to 3.5.0, auth via authentik

---
 docker-compose.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 6b3527d..52d296b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -208,11 +208,24 @@ services:
 
   mealie:
     container_name: mealie
-    image: hkotel/mealie:v1.9.0
+    image: hkotel/mealie:v3.5.0
+    depends_on:
+      - authentik-server
     environment:
       PUID: ${PUID}
       PGID: ${PGID}
       TZ: ${TZ}
+      OIDC_AUTH_ENABLED: true
+      OIDC_PROVIDER_NAME: Authentik
+      OIDC_CONFIGURATION_URL: https://authentik.kucharczyk.xyz/application/o/mealie/.well-known/openid-configuration
+      OIDC_CLIENT_ID: asDhzvutfxxpgwaaz0Jjr6SNpEtZo8GKjjs1WzUU
+      OIDC_CLIENT_SECRET: iIgP3aaF1t0sTd8JPwXrCYmd3Ycc5hhfQROdHN7ByDU81gFJiNbRQ1OrTU7e9yzuPAyqLShRQ2Ve7ov03maHpQtyZzZ2FBdb0OHCkoS4brVuV8uZ4cnVPCzwLEO9bk9U
+      OIDC_SIGNUP_ENABLED: false
+      OIDC_USER_GROUP: mealie-users
+      OIDC_ADMIN_GROUP: mealie-admins
+      OIDC_AUTO_REDIRECT: false   # Optional: The login page will be bypassed and you will be sent directly to your Identity Provider.
+      OIDC_REMEMBER_ME: true     # Option
+      ALLOW_PASSWORD_LOGIN: false
     env_file:
       - mealie.env
     volumes: