diff --git a/main.tf b/main.tf
index 9f81e5e6..2d679dca 100644
--- a/main.tf
+++ b/main.tf
@@ -32,8 +32,8 @@ variable "drone_github_client_id" {}
 variable "drone_github_client_secret" {}
 variable "drone_rpc_secret" {}
 # variable "dockerhub_password" {}
-# variable "oauth_client_id" {}
-# variable "oauth_client_secret" {}
+variable "oauth2_proxy_client_id" {}
+variable "oauth2_proxy_client_secret" {}
 variable "url_shortener_mysql_password" {}
 variable "url_shortener_geolite_license_key" {}
 variable "url_shortener_api_key" {}
@@ -253,6 +253,8 @@ module "kubernetes_cluster" {
 drone_rpc_secret = var.drone_rpc_secret
 # Oauth proxy
+ oauth2_proxy_client_id = var.oauth2_proxy_client_id
+ oauth2_proxy_client_secret = var.oauth2_proxy_client_secret
 # oauth_client_id = var.oauth_client_id
 # oauth_client_secret = var.oauth_client_secret
 # depends_on = [module.k8s_master, module.k8s_node1, module.k8s_node2] # wait until master and at least 2 nodes are up
diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf
index d14684de..7bd53cc2 100644
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@@ -19,9 +19,8 @@ variable "dbaas_root_password" {}
 variable "drone_github_client_id" {}
 variable "drone_github_client_secret" {}
 variable "drone_rpc_secret" {}
-# variable "dockerhub_password" {}
-# variable "oauth_client_id" {}
-# variable "oauth_client_secret" {}
+variable "oauth2_proxy_client_id" {}
+variable "oauth2_proxy_client_secret" {}
 variable "url_shortener_geolite_license_key" {}
 variable "url_shortener_api_key" {}
 variable "url_shortener_mysql_password" {}
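Review bot: `variable "oauth2_proxy_client_secret" {}` in the first main.tf hunk is declared without a `type` or a `sensitive` flag, so Terraform will show the value in plan and apply output wherever it is referenced. I would declare it with `type = string` and `sensitive = true`, and do the same for the matching declarations in modules/kubernetes/main.tf and modules/kubernetes/oauth-proxy/main.tf (the last one already sets `type = string`). The neighbouring secret variables use the same bare `{}` form, so this may be a file-wide convention worth changing in one pass. Note that `sensitive` needs Terraform 0.14 or later and only redacts CLI output; the value is still written to state in plain text, so the state backend needs its own access control.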
@@ -167,14 +166,14 @@ module "monitoring" {
 depends_on = [null_resource.core_services]
 }
-# module "oauth" {
-# source = "./oauth-proxy"
-# tls_secret_name = var.tls_secret_name
-# client_id = var.oauth_client_id
-# client_secret = var.oauth_client_secret
+module "oauth" {
+ source = "./oauth-proxy"
+ tls_secret_name = var.tls_secret_name
+oauth2_proxy_client_id = var.oauth2_proxy_client_id
+oauth2_proxy_client_secret = var.oauth2_proxy_client_secret
-# depends_on = [null_resource.core_services]
-# }
+ depends_on = [null_resource.core_services]
+}
 module "openid_help_page" {
 source = "./openid_help_page"
diff --git a/modules/kubernetes/oauth-proxy/main.tf b/modules/kubernetes/oauth-proxy/main.tf
index ae7ad914..4fd6c1ab 100644
--- a/modules/kubernetes/oauth-proxy/main.tf
+++ b/modules/kubernetes/oauth-proxy/main.tf
@@ -11,6 +11,14 @@ variable "tls_secret_name" {
 type = string
 }
+variable "oauth2_proxy_client_secret" {
+ type = string
+}
+
+variable "oauth2_proxy_client_id" {
+ type = string
+}
+
 module "tls_secret" {
 source = "../setup_tls_secret"
 namespace = "oauth2"
@@ -109,11 +117,11 @@ resource "kubernetes_deployment" "oauth2-proxy" {
 args = ["--provider=google", "--email-domain=*", "--upstream=file:///dev/null", "--upstream=http://localhost/redirect/", "--http-address=0.0.0.0:4180", "--cookie-domain=.viktorbarzin.me", "--footer=-"]
 env {
 name = "OAUTH2_PROXY_CLIENT_ID"
- value = "533122798643-rkefmkuegbt218bpkibbdmghb4irlrv5.apps.googleusercontent.com"
+ value = var.oauth2_proxy_client_id
 }
 env {
 name = "OAUTH2_PROXY_CLIENT_SECRET"
- value = "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"
+ value = var.oauth2_proxy_client_secret
 }
 env {
 name = "OAUTH2_PROXY_COOKIE_SECRET"
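Review bot: Uncommenting `module "oauth"` puts the proxy from ./oauth-proxy into service with args that accept any Google account. Those args are visible as context in that module's deployment hunk: `--provider=google` together with `--email-domain=*`, unless something outside this diff narrows it. If the proxy is meant to gate internal services, restrict it before enabling, for example with `--email-domain=<your-domain>` (placeholder) or an `--authenticated-emails-file`. Separately, the two added lines `oauth2_proxy_client_id = …` and `oauth2_proxy_client_secret = …` are not indented like their neighbours, and `terraform fmt` would align them.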
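Review bot: The literal `OAUTH2_PROXY_CLIENT_SECRET` value removed in the last hunk stays readable in the repository history, so moving it to a variable is not enough on its own. If that credential was ever live it should be rotated with the OAuth provider, and the new value supplied only through the variable. The replacement also still sets the secret as a plain `value` on the container env, which leaves it visible in the Deployment spec to anyone who can read deployments in that namespace. Storing it in a `kubernetes_secret` and referencing it through `value_from` / `secret_key_ref` keeps it out of the pod template; the sketch below uses an illustrative secret name and assumes the `oauth2` namespace passed to `tls_secret`. The deployment resource starts and ends outside the hunk.

```hcl
# Secret name is illustrative; namespace assumed from module "tls_secret".
resource "kubernetes_secret" "oauth2_proxy" {
  metadata {
    name      = "oauth2-proxy-credentials"
    namespace = "oauth2"
  }
  data = {
    client_secret = var.oauth2_proxy_client_secret
  }
}

# … unchanged: deployment metadata, container args, OAUTH2_PROXY_CLIENT_ID env …
env {
  name = "OAUTH2_PROXY_CLIENT_SECRET"
  value_from {
    secret_key_ref {
      name = kubernetes_secret.oauth2_proxy.metadata[0].name
      key  = "client_secret"
    }
  }
}
# … unchanged: OAUTH2_PROXY_COOKIE_SECRET env and the rest of the container …
```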