diff --git a/.env.sample b/.env.sample
index 7cd3972..09ba165 100644
--- a/.env.sample
+++ b/.env.sample
@@ -69,6 +69,7 @@ ALLOWED_DOMAINS=
 #SMTP_SECURE=true
 #OIDC_ENABLED=1
+#COMPOSE_YML="compose.yml:compose.oidc.yml"
 #OIDC_CLIENT_ID=
 #OIDC_AUTH_URI=
 #OIDC_TOKEN_URI=
@@ -77,3 +78,8 @@ ALLOWED_DOMAINS=
 #OIDC_DISPLAY_NAME="My Cool OpenId Connect Provider"
 #OIDC_SCOPES="openid profile email"
 #SECRET_OIDC_CLIENT_SECRET_VERSION=v1
+
+#GOOGLE_ENABLED=1
+#COMPOSE_YML="compose.yml:compose.google.yml"
+#GOOGLE_CLIENT_ID=
+#SECRET_GOOGLE_CLIENT_SECRET_VERSION=v1
diff --git a/abra.sh b/abra.sh
index ceeb459..70f8bc5 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,4 +1,4 @@
-export APP_ENTRYPOINT_VERSION=v3
+export APP_ENTRYPOINT_VERSION=v4
 delete_user() {
 if [ -z "$1" ] || [ -z "$2" ]; then
diff --git a/compose.google.yml b/compose.google.yml
new file mode 100644
index 0000000..5b1d2ef
--- /dev/null
+++ b/compose.google.yml
@@ -0,0 +1,16 @@
+---
+version: "3.8"
+
+services:
+ app:
+ secrets:
+ - google_client_secret
+ environment:
+ - GOOGLE_CLIENT_ID
+ - GOOGLE_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
+ - GOOGLE_ENABLED
+
+secrets:
+ google_client_secret:
+ name: ${STACK_NAME}_google_client_secret_${SECRET_GOOGLE_CLIENT_SECRET_VERSION}
+ external: true
diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl
index 0fc19dc..aad5a2b 100644
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@@ -1,10 +1,15 @@
 #!/bin/sh
 export AWS_SECRET_ACCESS_KEY=$(cat /run/secrets/aws_secret_key)
+
 {{ if eq (env "OIDC_ENABLED") "1" }}
 export OIDC_CLIENT_SECRET=$(cat /run/secrets/oidc_client_secret)
 {{ end }}
+{{ if eq (env "GOOGLE_ENABLED") "1" }}
+export GOOGLE_CLIENT_SECRET=$(cat /run/secrets/google_client_secret)
+{{ end }}
+
 export UTILS_SECRET=$(cat /run/secrets/utils_secret)
 export SECRET_KEY=$(cat /run/secrets/secret_key)
 export DATABASE_PASSWORD=$(cat /run/secrets/db_password)
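Review bot: The Google block in the second .env.sample hunk assigns `COMPOSE_YML` a value that omits `compose.oidc.yml`, and the OIDC line added in the first hunk omits `compose.google.yml`, so uncommenting both blocks leaves only one overlay in effect while both `*_ENABLED` flags remain set. In that state the entrypoint template would presumably try to read a secret file that the stack never mounted. A comment above the second assignment would prevent this, for example `# To enable OIDC and Google together: COMPOSE_YML="compose.yml:compose.oidc.yml:compose.google.yml"`, or a line saying the two providers are mutually exclusive if that is the intent.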
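Review bot: `GOOGLE_CLIENT_SECRET_FILE` in the `environment` list of compose.google.yml points at `/run/secrets/oidc_client_secret`, while the only secret this file attaches to `app` is `google_client_secret`. With only the Google overlay loaded that path will not exist, and with the OIDC overlay loaded as well the Google integration would be handed the OIDC provider's client secret. The line should read `- GOOGLE_CLIENT_SECRET_FILE=/run/secrets/google_client_secret`. The entrypoint change in this commit also exports `GOOGLE_CLIENT_SECRET` from the correct path, so it is worth confirming which of the two variables the application reads and dropping the other.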
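Review bot: The added `export GOOGLE_CLIENT_SECRET=$(cat /run/secrets/google_client_secret)` line in entrypoint.sh.tmpl cannot fail, because `export` returns success even when `cat` does not, so a missing or unreadable secret file produces an empty client secret and the container starts anyway. Splitting the statement surfaces the misconfiguration at start-up: `GOOGLE_CLIENT_SECRET=$(cat /run/secrets/google_client_secret) || exit 1` followed by `export GOOGLE_CLIENT_SECRET`. The existing exports in this hunk follow the same pattern, and the rest of the script lies outside the hunk, so whether a later step validates these values cannot be seen here.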