diff --git a/phpipam/phpipam.yaml b/phpipam/phpipam.yaml
index 2590f3e..8ed3e07 100644
--- a/phpipam/phpipam.yaml
+++ b/phpipam/phpipam.yaml
@@ -6,6 +6,25 @@ metadata:
     app.kubernetes.io/name: phpipam
   name: phpipam
 
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: phpipam-httpd-conf
+  namespace: phpipam
+data:
+  phpipam.conf: |
+    <VirtualHost *:80>
+      DocumentRoot /phpipam
+      SetEnvIf Remote-User "(.*)$" PHP_AUTH_USER=$1
+    </VirtualHost>
+
+    <Directory "/phpipam">
+      AllowOverride All
+      Options FollowSymLinks
+      Require all granted
+    </Directory>
+
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -118,6 +137,11 @@ spec:
             add:
             - NET_ADMIN
             - NET_RAW
+        volumeMounts:
+        - name: httpd-conf
+          mountPath: /etc/apache2/conf.d/phpipam.conf
+          subPath: phpipam.conf
+          readOnly: true
       - image: docker.io/phpipam/phpipam-cron:v1.5.2
         imagePullPolicy: IfNotPresent
         name: phpipam-cron
@@ -136,6 +160,10 @@ spec:
             add:
             - NET_ADMIN
             - NET_RAW
+      volumes:
+      - name: httpd-conf
+        configMap:
+          name: phpipam-httpd-conf
       affinity:
         podAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
@@ -199,6 +227,10 @@ kind: Ingress
 metadata:
   annotations:
     nginx.ingress.kubernetes.io/rewrite-target: /
+    nginx.ingress.kubernetes.io/auth-method: GET
+    nginx.ingress.kubernetes.io/auth-url: http://authelia.authelia.svc.cluster.local:9091/api/verify
+    nginx.ingress.kubernetes.io/auth-signin: https://auth.pyrocufflink.blue/?rm=$request_method
+    nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
   name: phpipam
   namespace: phpipam
 spec: