--- title: description: date: 2023-04-21 lang: zh-tw tags: - 樹莓派 - Linux - docker --- # 樹莓派筆記- Authelia:開啟OpenID Connect 這邊只會建立全域設定 對於每個應用都會有他各自的設定 OpenID Connect配置就會在個別的應用中 ## Authelia設置 :::warning `issuer_private_key`必須是RSA,長度至少大於2048,pem格式 可以使用Putty產生，記得轉換成OpenSSH key 就好 ::: ```yml= identity_providers: oidc: #used this site to generate the secret: https://www.grc.com/passwords.htm hmac_secret: "YOUR_KEY" issuer_private_key: | -----BEGIN RSA PRIVATE KEY----- . . . . -----END RSA PRIVATE KEY----- cors: endpoints: - authorization - token - revocation - introspection - userinfo allowed_origins: - "*" allowed_origins_from_client_redirect_uris: false clients: - id: TODO secret: "TODO" redirect_uris: - https://oidc.example.com:8080/oauth2/callback ``` ## Ref * https://www.authelia.com/configuration/identity-providers/introduction/ * https://florianmuller.com/setup-authelia-bare-metal-with-openid-and-cloudflare-tunnel-on-a-hardened-proxmox-lxc-ubuntu-22-04-lts-container#configureauthelia * https://medium.com/@Lola_Dam/guide-for-installing-outline-with-authelia-as-an-openid-provider-129a141f6090