diff --git a/authelia/config/configuration.yml b/authelia/config/configuration.yml
index 7f4fbc9..4c382fd 100644
--- a/authelia/config/configuration.yml
+++ b/authelia/config/configuration.yml
@@ -117,3 +117,15 @@ identity_providers:
           - email
           - groups
         userinfo_signed_response_alg: 'none'
+      - id: grafana
+        description: Grafana via Authelia
+        secret: '$argon2id$v=19$m=65536,t=3,p=4$IoJjIPmtn81rI0te8lV5Yw$tptaXFfI1NOsPctEzyAYiRblzFNsWgbS9Gh160OkoqQ'
+        public: false
+        authorization_policy: one_factor
+        redirect_uris:
+          - https://grafana.quangkhai.ch/login/generic_oauth
+        scopes:
+          - openid
+          - profile
+          - email
+        userinfo_signed_response_alg: 'none'        
diff --git a/deploy.sh b/deploy.sh
new file mode 100644
index 0000000..9c824c9
--- /dev/null
+++ b/deploy.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Deploy Authelia configuration
+# Copies all files from authelia folder to /home/quangkhai/authelia
+
+set -e
+
+SOURCE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/authelia" && pwd)"
+DEST_DIR="/home/quangkhai/authelia"
+
+echo "Starting deployment..."
+echo "Source: $SOURCE_DIR"
+echo "Destination: $DEST_DIR"
+
+# Create destination directory if it doesn't exist
+if [ ! -d "$DEST_DIR" ]; then
+    echo "Creating destination directory: $DEST_DIR"
+    mkdir -p "$DEST_DIR"
+fi
+
+# Copy all files
+echo "Copying files..."
+cp -rv "$SOURCE_DIR"/* "$DEST_DIR/"
+
+echo "✓ Deployment completed successfully!"
+echo "Files copied to: $DEST_DIR"
+
+
diff --git a/prometheus/grafana/config.monitoring b/prometheus/grafana/config.monitoring
new file mode 100644
index 0000000..a87a6f9
--- /dev/null
+++ b/prometheus/grafana/config.monitoring
@@ -0,0 +1,25 @@
+GF_SERVER_ROOT_URL=https://grafana.quangkhai.ch
+GF_AUTH_ANONYMOUS_ENABLED=false
+GF_AUTH_DISABLE_LOGIN_FORM=true
+
+GF_AUTH_GENERIC_OAUTH_ENABLED=true
+GF_AUTH_GENERIC_OAUTH_NAME=Authelia
+GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=true
+GF_AUTH_GENERIC_OAUTH_CLIENT_ID=grafana
+GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=VeNuocNuocVe26!
+GF_AUTH_GENERIC_OAUTH_SCOPES="openid profile email"
+GF_AUTH_GENERIC_OAUTH_USE_ID_TOKEN=true
+
+GF_AUTH_GENERIC_OAUTH_AUTH_URL=https://auth.quangkhai.ch/api/oidc/authorization
+GF_AUTH_GENERIC_OAUTH_TOKEN_URL=https://auth.quangkhai.ch/api/oidc/token
+GF_AUTH_GENERIC_OAUTH_API_URL=https://auth.quangkhai.ch/api/oidc/userinfo
+
+# 2. Map the ID (used for login)
+# Many OIDC providers use 'preferred_username' or 'sub'
+GF_AUTH_GENERIC_OAUTH_LOGIN_ATTRIBUTE_PATH=preferred_username
+
+# 3. Map the Email
+GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE_PATH=email
+
+# 4. Map the Name (optional, but good for profile)
+GF_AUTH_GENERIC_OAUTH_NAME_ATTRIBUTE_PATH=name
\ No newline at end of file