deployment notes: - compare to Affine, maybe outline + memos can be substituted for affine
Memos
Prerequisite
Create database
- Create the password with
openssl rand -base64 32
- Save this value in secrets.yaml in
postgresql.password.memos
- Access infra server to create memos_db with
podman exec -it postgresql psql -U postgres
CREATE USER memos WITH PASSWORD 'postgresql.password.memos';
CREATE DATABASE memos_db;
ALTER DATABASE memos_db OWNER TO memos;
Create oidc secret and hash
- Create the secret with
openssl rand -base64 32
- Access the auth VM
podman exec -it authelia sh
authelia crypto hash generate pbkdf2 --password 'memos.oidc.secret'
- Save these values in secrets.yaml in
memos.oidc.secret and memos.oidc.hash
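A pre-deployment check that the plaintext secret and the stored hash actually belong together, as an added example that is not part of the original notes or of Authelia. It assumes the hash uses the passlib-style `$pbkdf2-<variant>$<iterations>$<salt>$<key>` encoding with `.` in place of `+` and no padding; `verify_pbkdf2` and `make_pbkdf2` are hypothetical helper names, and the sample secret is constructed.

```python
import base64
import hashlib
import hmac
import os


def _ab64_decode(text: str) -> bytes:
    """Decode 'adapted base64': '.' replaces '+', '=' padding is dropped."""
    padded = text.replace(".", "+") + "=" * (-len(text) % 4)
    return base64.b64decode(padded, validate=True)


def _ab64_encode(raw: bytes) -> str:
    return base64.b64encode(raw).decode().rstrip("=").replace("+", ".")


def verify_pbkdf2(secret: str, encoded: str) -> bool:
    """Return True when `secret` reproduces the key stored in `encoded`."""
    parts = encoded.split("$")
    # Assumed layout: ['', 'pbkdf2-sha512', '<iterations>', '<salt>', '<key>']
    if len(parts) != 5 or parts[0] != "" or not parts[1].startswith("pbkdf2"):
        raise ValueError("not a $pbkdf2-<variant>$<iterations>$<salt>$<key> string")
    variant = parts[1].partition("-")[2] or "sha1"
    iterations = int(parts[2])
    salt, stored = _ab64_decode(parts[3]), _ab64_decode(parts[4])
    derived = hashlib.pbkdf2_hmac(
        variant, secret.encode(), salt, iterations, dklen=len(stored)
    )
    # Constant-time comparison, as for any credential check.
    return hmac.compare_digest(derived, stored)


def make_pbkdf2(secret: str, iterations: int = 310000, variant: str = "sha512") -> str:
    """Build a hash string in the assumed format (used for the constructed sample)."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac(variant, secret.encode(), salt, iterations)
    return f"${'pbkdf2-' + variant}${iterations}${_ab64_encode(salt)}${_ab64_encode(key)}"


if __name__ == "__main__":
    sample_secret = "constructed-sample-secret"  # constructed, not a real secret
    sample_hash = make_pbkdf2(sample_secret)
    print("matching pair:", verify_pbkdf2(sample_secret, sample_hash))
    # A trailing newline copied along with the secret is a different secret.
    print("with newline :", verify_pbkdf2(sample_secret + "\n", sample_hash))
```

In real use, read the two values from the decrypted secrets.yaml rather than passing the secret on a command line, where it lands in shell history and the process list.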
Add postgresql dump backup list
- name: Set connected services list
  ansible.builtin.set_fact:
    connected_services:
      - ...
      - "memos"
Configuration
Access to memos
- https://memos.ilnmors.com
- Create local-admin account
Set OIDC
- Profile: Settings: Admin: SSO: Create
- Type: OAUTH2
- Template: Custom
- Provider ID: authelia
- Name: Authelia
- Client ID: memos
- Client secret: memos.oidc.secret
- Authorization endpoint: https://authelia.ilnmors.com/api/oidc/authorization
- Token endpoint: https://authelia.ilnmors.com/api/oidc/token
- User endpoint: https://authelia.ilnmors.com/api/oidc/userinfo
- Scopes: openid profile email
- Identifier: preferred_username
- Display Name: given_name
- Email: email
- Create
- Profile: Settings: Basic: My Account: SSO Accounts: Link
- Login with Authelia
- Accept
Disallow local login and signup
- Profile: Settings: Admin: System
- Disallow password auth: toggle
- Save
Change user name
- Profile: Settings: Basic: My Account: Edit