If the server is not already setup for web traffic, install Apache, MySQL, PHP, and dependancies. You can do this with the commands in the setup documentation.
Tableau has excellent documentation on connecting OneLogin to Tableau Online. https://onlinehelp.tableau.com/current/online/en-us/saml_config_onelogin.htm
Make sure to follow the additional setup steps in the Tableau Online documentation.
In the OneLogin system, ensure you have turned OFF framing protection by going to "Settings->Account Settings". At the bottom of the page, ensure that "Framing Protection" is disabled by "checking" the box next to it. (Make sure to hit "Save" after checking the box! They hide it at the top of the page.)
Then, setup an new App of type "Tableau Online SSO". (In addition to the one you already setup for Tableau Online)
Name this one after the portal.
For the "Consumer URL", paste in the url to the homepage of the portal. For "Audience", put in the portal url without the trailing /, of http/https.
Go to the "SSO" tab for the settings needed for the Portal Setup.
In the /backend settings, go to the Settings->Tableau Server Settings->Authentication area. Select "SAML". For the Entity ID and IdP ID, put in the "Audience" that you added to OneLogin.
For the SignOn URL, put the "SAML 2.0 Endpoint (HTTP)" url found in the SSO tab of the App in OneLogin.
For the SignOut URL, put the "SLO Endpoint (HTTP)" url found in the SSO tab of the App in OneLogin.
Hover over "More Actions" in the OneLogin system. Export the SAML Metadata. Open this file with a text editor and copy/paste the certificate from the file into the Certificate area of Tableau Server.