diff --git a/system/services/authelia.nix b/system/services/authelia.nix
index 2acf8df5..f503b961 100644
--- a/system/services/authelia.nix
+++ b/system/services/authelia.nix
@@ -3,38 +3,42 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.authelia = {
-    image = "authelia/authelia:latest";
-    autoStart = true;
+}: let
+  autheliaVersion = "4.39.4";
+in {
+  virtualisation.oci-containers.containers = {
+    authelia = {
+      image = "authelia/authelia:${autheliaVersion}";
+      autoStart = true;
 
-    login = {
-      # Uses DockerHub by default
-      # registry = "";
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
 
-      # DockerHub Credentials
-      username = "christoph.urlacher@protonmail.com";
-      passwordFile = "${config.sops.secrets.docker-password.path}";
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [
+        # "pihole"
+      ];
+
+      ports = [
+        # "9091:9091"
+      ];
+
+      volumes = [
+        "authelia_config:/config"
+      ];
+
+      environment = {
+        TZ = "Europe/Berlin";
+      };
+
+      extraOptions = [
+        "--net=behind-nginx"
+      ];
     };
-
-    dependsOn = [
-      # "pihole"
-    ];
-
-    ports = [
-      # "9091:9091"
-    ];
-
-    volumes = [
-      "authelia_config:/config"
-    ];
-
-    environment = {
-      TZ = "Europe/Berlin";
-    };
-
-    extraOptions = [
-      "--net=behind-nginx"
-    ];
   };
 }