Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up
for free
突然のグループ一斉在宅勤務開始!!1に おける働き方を変革する技術や仕組み
Kazuhiko Yamashita
January 24, 2021
Programming
4
430
突然のグループ一斉在宅勤務開始!!1に おける働き方を変革する技術や仕組み
JulyTechFesta 2021 Winterにてペパボのテレワーク開始に伴う課題を解決した技術の話をしました。
Kazuhiko Yamashita
January 24, 2021
Tweet
Share
More Decks by Kazuhiko Yamashita
See All by Kazuhiko Yamashita
pyama86
11
7.5k
pyama86
18
4.1k
pyama86
9
10k
pyama86
2
2k
pyama86
3
1.2k
pyama86
1
1.9k
pyama86
0
130
pyama86
0
150
pyama86
2
1.2k
Other Decks in Programming
See All in Programming
tkmnzm
0
140
selcukusta
2
110
itok
1
960
watilde
5
1.5k
nkjzm
1
220
grapecity_dev
0
190
oracle4engineer
0
120
kilometer
4
500
grapecity_dev
0
190
takapdayon
0
180
takapy
0
190
antonshilov
1
130
Featured
See All Featured
bkeepers
52
4.2k
andyhume
63
3.7k
rocio
155
11k
swwweet
206
6.9k
malarkey
119
16k
chriscoyier
683
180k
erikaheidi
14
4.3k
wjessup
339
16k
keithpitt
401
20k
qrush
285
19k
colly
188
14k
phodgson
87
3.9k
Transcript
ಥવͷάϧʔϓҰ੪ࡏۈ։࢝!!1ʹ ͓͚Δಇ͖ํΛมֵ͢Δٕज़Έ ʙౡݝ࢈ͷԴᥡΛ;ΜͩΜʹར༻ͨ͠ോαϒϨฤʙ
ࢁԼ!QZBNB (.0ϖύϘٕज़ج൫νʔϜ γχΞɾϓϦϯγύϧ UFOTOBQPODPN QZBNBGVO TUOTKQ
45/4 -JOVY/444FSWFS TUOTKQ
45/4
झຯ: Ωϟϯϓ
ϗεςΟϯάࣄۀ &$ࢧԉࣄۀ ϋϯυϝΠυɾͦͷଞࣄۀ
ϩϦϙοϓʂϨϯλϧαʔόαʔϏεఏڙ։࢝ ϔςϜϧαʔϏεఏڙ։࢝ ίʔυॻ͚Δͱӕ͍ͭͯϖύϘʹೖࣾޭʂʂ̍ ݄ ࣛࣇౡݝग़ਫࢢʹ͓͍ͯ1ࢁരʂʂ̍
ݱࡏɾۀ ϜʔϜʔυϝΠϯαʔϏεఏڙ։࢝ ౦ূҰ෦ࢦఆସ͑
None
None
None
GMOϖύϘ • શύʔτφʔʢैۀһʣ͕ςϨϫʔΫΛجຊͱ͢Δۈମ੍ • ίϩφΠϧεͷײછ֦େঢ়گʹΑͬͯɺग़ࣾΛڐՄ੍ʹ͢ΔͳͲ ੍ݶ͕͋Δ • ʹճ͋ΔࣾΠϕϯτʹࢀՃͰ͖ΔͳΒຊશࠃͲ͜ʹॅΜͰՄ • ςϨϫʔΫखͱͯࣗ͠ͷޫඅ௨৴අΛิॿ
※GMOάϧʔϓͰैۀһͷ͜ͱΛύʔτφʔͱݺͼ·͢
ʹى͖ͨ͜ͱ
None
༧ΊͰ͖͍ͯͨ͜ͱ ౦ژɺԬɺࣛࣇౡͱڌ͕Ε͍ͯΔͷͰɺڌؒͷΓऔΓΛߦ͏ͨΊͷ Έ͕උ͞Ε͍ͯͨ ఆظతʹࡏۈ܇࿅Λߦ͍ͬͯͨͷͰɺςϨϫʔΫͰ͖Δࣄલ४උ͕ Ͱ͖͍ͯͨ ձࣾͷنఆͰ͢ΒGitHub EnterpriseʹPRͯ͠࡞͞ΕΔۀϑϩʔͰ͋ͬͨ ͜ͱ͔ΒςΩετͰͷίϛϡχέʔγϣϯʹ৫ͱͯ͠ద༻Ͱ͖͍ͯͨ G SuiteOneLoginΛ࢝Ίͱ͢ΔSaaSͷҠߦΛਪਐ͍ͯͨͨ͠ΊɺۀͰར
༻͢ΔେମͷιϑτΣΞ͕ࣾ֎͔Βར༻Ͱ͖ͨ
ςϨϫʔΫҠߦޙʹͬͨ͜ͱ ZoomGoogle MeetɺSlackͷ͍ํͷάϥϯυϧʔϧΛఆΊͨ رऀΛରʹΦϑΟεͰར༻͍ͯͨ͠όϩϯνΣΞΛैۀһͷՈʹແྉ ૹɺି༩ PC༻σΟεϓϨΠిؾͷิॿ੍ۚԽ ډॅͷࣗ༝Խɺ໘ͷશΦϯϥΠϯԽ
ಥવͷάϧʔϓҰ੪ࡏۈ։࢝!!1ʹ͓ ͚Δಇ͖ํΛมֵ͢Δٕज़Έ
ڥքϞσϧ ϓϥΠϕʔτ Ϋϥυ ౦ژΦϑΟε ԬΦϑΟε ࣛࣇౡΦϑΟε VPN FW VPN ϖύϘʹ͓͍ͯओʹɺFromIPΛݩʹωοτϫʔΫͷ
ΞΫηεΛڐՄ͍ͯͨ͠
ڥքϞσϧ ϓϥΠϕʔτ Ϋϥυ ౦ژΦϑΟε ԬΦϑΟε ࣛࣇౡΦϑΟε VPN FW VPN ίϩφՒʹ͓͍ͯ
ഁ໓!!1 ӕͰ͢ɺ͜͜·Ͱ߽շʹഁ໓͓ͯ͠Βͣɺഁ໓͍͍͔͔ͬͯͨͬͨΒഁ໓ͬͯॻ͖·ͨ͠ɻ ഁ໓ɺϩυϦήε
ϩʔϚ1ʹͯ͠ͳΒͣ چདྷΑΓΒ͘FromIPͰͷ੍ݶΛߦ͍ͬͯͨͨΊɺଈ࠲ʹ΄͔ͷ ηΩϡϦςΟϞσϧͷҠߦࠔ Կ͔͠Βͷٕज़తΞϓϩʔνΛߦ͏ͨΊʹ·ͣΞΫηεܦ࿏Λ֬อ ͢Δඞཁ͕͋Δ
kanmon-kaikyo https://github.com/pyama86/kanmon-kaikyo
ओͳΞΫηε੍ޚSecurity Group ϖύϘͷຊ൪αʔόͷΞΫηεओʹOpenStackͷSecurity Group(SG) Λར༻੍ͯ͠ޚ͞Ε͍ͯΔ SGΛૢ࡞ͯ͠ಛఆͷIPΛFromIPʹ࣋ͭϗετ͔ΒͷSSHΛΞΫηε͢Δ CLIπʔϧͱͯ͠kanmonΛಉ྅ͷ @buty4649 ͕։ൃ͍ͯͨ͠
kanmon ࣗͷ*1ΛՃ͍ͨ͠4(ͷ*%ΛઃఆϑΝΠϧʹهड़ DBULBONPOZNM TFDVSJUZ@HSPVQ ڥมΛઃఆ FYQPSU04@64&3/".&VTFSOBNF FYQPSU04@1"44803%QBTTXPSE FYQPSU04@"65)@63-IUUQFYBNQMFDPNBVUIW ίϚϯυ࣮ߦ
LBONPOPQFO kanmon open
kanmonͷ՝ ͱͱΤϯδχΞ͕͏͜ͱΛఆͨ͠πʔϧͳͷͰɺ࣮ߦڥߏஙɺ ڥมͷઃఆͳͲɺΤϯδχΞҎ֎Ͱͷར༻ͷෑډ͕ߴ͍ ίϩφՒʹ͓͍ͯɺϖύϘͰσβΠφʔͦͷଞͷ৬छ͕SSHӽ͠ʹ σϓϩΠ͢Δഎܠ͔ΒɺΤϯδχΞҎ֎ͷ৬छΞΫηεखஈΛ֬อ͢Δ ඞཁ͕ੜ·Εͨ
kanmon-kaikyo kanmon- kaikyo 1. Slack͔ΒϘοτʹίϚϯυΛൃߦ 2. OAuthೝূ༻URL͕ฦ٫͞ΕΔ 3. ೝূΛύεͰ͖ͨͳΒɺ ೝূΛύεͨ͠ࡍͷIPΞυϨεΛ
ࢦఆͨ͠αʔόʹSSHڐՄ͢Δ 1.ίϚϯυൃߦ 2.OAuthೝূ 3. ΞΫηεڐՄ
kanmon-kaikyo FTTHͷIP࠶ར༻ʹΑΔηΩϡϦςΟϦεΫΛݮΒͨ͢Ίɺఆظతʹkanmon- kaikyoͰՃͨ͠ϙϦγʔΛআ͍ͯ͠Δ ϖύϘͷSSHଓݪଇSTNSΛར༻ͨ͠ެ։伴ೝূɺೝՄΛߦ͍ͬͯΔͨΊɺ IP + ެ։伴ͷଟཁૉͰೝূ͞Ε͍ͯΔ
kanmon-kaikyo
͕ɺ͔͠͠ɺ ಇ͘ॴෆͳͷʹ IPʹറΒΕͯΔԶͨͪ
IPʹΑΔ੍ޚΛΊ͍͕ͨ ଟޚͷ͕Ұͭͳ͘ͳΔ
pam-google-web-oauth-rs https://github.com/pyama86/pam-google-web-oauth-rs
None
pam-google-web-oauth-rs SSHೝূΛެ։伴 + OAuthೝূͷଟཁૉೝূԽ͢ΔPAMϞδϡʔϧɻྨࣅʹ google/google-authenticator-libpam ͕͋Δ͕ɺͪ͜ΒOTPํࣜɻϖύϘG Suiteಋೖ͔ͭG Suiteࣗମ͕2FAඞਢͳͷͰ৫ʹϑΟοτ͢ΔιϑτΣΞΛ ॻ͍ͨ ݩʑGo
+ CͰॻ͍͍͕ͯͨɺWEB + Linuxϓϩάϥϛϯάͷάϧʔݴޠͱ͠ ͯRustͰॻ͍ͨ΄͏͕εοΩϦॻ͚ͨͷͰษڧΛ݉Ͷͯॻ͖ͨ͠ ݱࡏϖύϘͰओʹ౿ΈαʔόʹΠϯετʔϧ͠ɺଟཁૉೝূΛར༻͍ͯ͠Δ
͜͜·Ͱͨ͜͠ͱ ग़ࣾͰ͖ͳ͍ɺVPNαʔόͷ͕ൃੜ͠ɺ͜Ε·ͰͷIPΛར༻ͨ͠ΞΫ ηε੍ޚ͕ϑΟοτ͠ͳ͘ͳ͖ͬͯͨ Ұ࣌తͳΞΫηεܦ࿏ΛΤϯδχΞɺσβΠφʔ͕Slack͔Βར༻Ͱ͖Δ Α͏ʹͨ͠ SSHଓʹଟཁૉೝূΛ༻͍Δ͜ͱͰɺੈքத͔Β҆શʹΞΫηεͰ͖Δ Α͏ʹͨ͠
ۀγεςϜͷΞΫηεܦ࿏
ࡐ͝ͱͷސ٬ཧΞϓϦ ސ٬ɺܖใͷӾཡ σʔλϝϯςφϯε ཤྺཧ
ސ٬ཧΞϓϦ͋Δ͋Δૣ͘ݴ͍͍ͨ ͓٬༷ʹ͢ΔϑϩϯτΞϓϦͰͳ͍ͨΊɺOSɺϓϩάϥϛϯά ݴޠɺϥΠϒϥϦͷόʔδϣϯΞοϓͳͲ͕ޙճ͠ʹͳΓ͕ͪ ༏ઌ͕Լ͛ΒΕ͕ͪͰɺʮ͑ͬʂࠓͲ͖͜͏͍͏ڍಈ͋Δͷʁʁʁʯͬ ͍ͯ͏࣮͕Γ͕ͪ
ͦΕͰࣾ֎͔Β҆શʹར༻͍ͨ͠ github.com/oauth2-proxy/oauth2-proxy oauth2-proxyΛ࠾༻͠ɺސ٬ཧΞϓϦͷલஈʹ OAuthೝূΛՃ͠ɺSSOग़དྷΔΑ͏ʹͨ͠
oauth2-proxyΛར༻ͨ͠SSO SG App DBʹొ͞Εͨ ϢʔβʔIDͰೝূ&ೝՄ ڐՄ͞ΕͨIP͔Β ͷΈΞΫηεՄೳ oauth2-proxy App oaut2-proxy͔Β࿈ܞ͞Εͨ
ϔομใͰೝূ GoogleGitHubͷ ΞΧϯτͰOAuthೝূ before after
oauth2-proxyΛར༻ͨ͠SSO nginx oauth2-proxy client server { location /oauth2/ { proxy_pass
http://127.0.0.1:4180; ... } location = /oauth2/auth { proxy_pass http://127.0.0.1:4180; ... } location / { auth_request /oauth2/auth; error_page 401 = /oauth2/sign_in; ... } }
oauth2-proxyΛར༻ͨ͠SSO nginx oauth2-proxy proxy_set_header X-User $user; proxy_set_header X-Email $email; App
nginx͔ΒϓϩΩγ͢Δ߹ʹϦΫΤετϔομʹ ϢʔβʔIDϝʔϧΞυϨεΛຒΊࠐΊΔ HTTPϔομΛݩʹSSO͢Δ߹ɺ ඞͣΞΫηεݩͷIPΛνΣοΫ͢Δඞ ཁ͕͋Δɻෆਖ਼ͳதܧʹΑͬͯΞΧ ϯτ͕ͬऔΒΕΔՄೳੑ͕͋Δɻ
oauth2-proxy طଘͷΞϓϦͷલஈʹoauth2-proxyΛஔͯ͠͏༻్ͷͨΊɺ෯͍ ΞϓϦέʔγϣϯʹӨڹͳ͘OAuthೝূΛద༻Մೳ ೝূՄೳͳϝʔϧΞυϨευϝΠϯGitHub TeamࢦఆՄೳͳͷͰɺ ਖ਼͘͠ઃఆ͢Ε҆શʹ׆༻Ͱ͖Δ υΩϡϝϯτφϨοδॆ࣮͓ͯ͠Γɺಋೖָ͕
WEBϒϥβ OAuthͰ͍͍͚Ͳɺ CLI͔Β࣮ߦ͞ΕΔΞϓϦʁ
Vault by Hashicorp ϖύϘͰTLS҉߸Խ௨৴ʹར༻͢Δ伴ͷ ཧΛVaultͷPublic Key Infrastructure(PKI) Secret EngineΛར༻͍ͯ͠Δɻ
Vault by Hashicorp vault server api.pepabo.com consul-template client consul-template TLS҉߸Խ௨৴
Vault͕͍ग़͢伴Λར༻ͯ͠ɺαʔό ʙ ΫϥΠΞϯτؒͷ ௨৴ΛTLSΫϥΠΞϯτೝূ&௨৴Ͱ҉߸Խ
Vault by Hashicorp WBVMUTFDSFUTFOBCMFEFTDSJQUJPOTFSWJDFDPOTVMQLJNBYMFBTFUUMIQLJ WBVMUXSJUFQLJSPMFTTFSWJDFDPOTVMBMMPXFE@EPNBJOTTFSWJDFDPOTVMa BMMPX@TVCEPNBJOTUSVFNBY@UUMI kanmon open VaultൿಗใΛ҆શʹཧग़དྷΔιϑτΣΞ
ͦͷػೳͷҰ͕ͭެ։伴ج൫ xxx.service.consul ͷެ։伴Λཧ͢Δઃఆ
consul-template UFNQMBUF\ DPOUFOUT\\XJUITFDSFUaQLJJTTVFTFSWJDFDPOTVMa aDPNNPO@OBNFWBVMUTFSWJDFDPOTVMa^^\\%BUBJTTVJOH@DB^^\\FOE^^ EFTUJOBUJPOVTSTIBSFDBDFSUJpDBUFTFYUSB7BVMU@3PPU@$"DSU DPNNBOETVEPVTSMPDBMTCJOVQEBUF@DB@DFSUT ^ kanmon open HashicorpͷιϑτΣΞͱ࿈ܞͯ͠ɺϑΝΠϧΛग़ྗͨ͠Γɺ
ίϚϯυΛ࣮ߦͨ͠Γग़དྷΔϛυϧΣΞ Vaultͷ pki/issue/service-consulͷΤϯυϙΠϯτ͔Βূ໌ॻΛऔಘ͢Δ
consul-template ূ໌ॻͷ༗ޮظݶΛࢹͯ͠ɺظݶΕલʹࣗಈͰߋ৽ͯ͘͠ΕΔͷͰূ ໌ॻཧͷख͕ؒͳ͍ ໋ͳূ໌ॻΛൃߦ͢Δ͜ͱͰɺैۀһͷୀ৬࣌ʹࣗಈͰࣦޮͤ͞Δͳ Ͳͷॲཧ͕༰қͰ͋Δ
Vault by Hashicorp vault server api.pepabo.com consul-template client consul-template TLS҉߸Խ௨৴
Vault͕͍ग़͢伴Λར༻ͯ͠ɺαʔό ʙ ΫϥΠΞϯτؒͷ ௨৴ΛTLSΫϥΠΞϯτೝূ&௨৴Ͱ҉߸Խ ΫϥΠΞϯτʹͲͷΑ͏ʹ伴Λ͢Δ ͷ͔͕େ͖ͳ՝ʹͳͬͨ
kagiana pyama86/kagiana
kagiana WEBϒϥβͰkagianaͷUIʹΞΫηεͯ͠ೝূޙɺVaultʹTLS௨৴͢ΔͨΊͷ伴Λμϯϩʔυ •
ʮ͜Εϒϥβ։͘ͷ໘͔ͩΒCLIͰͰ͖ͳ͍͔͢Ͷʁʯ
STNSΛར༻ͨ͠ެ։伴ೝূ STNS kagiana client ެ։伴Ͱ νϟϨϯδίʔυΛ෮߸ νϟϨϯδίʔυ νϟϨϯδίʔυΛൿີ伴Ͱॺ໊ͯ͠ૹ৴ 7BVMUʹΞΫηε͢Δ伴ͷ stns/libstns-goΛ։ൃ͠ɺSTNSΛར༻ͨ͠ೝূΛՄೳʹͨ͠
ೝূཁٻ
͜͜·Ͱͨ͜͠ͱ ސ٬ཧγεςϜͳͲͷैۀһ͕ར༻͢ΔͨΊͷΞϓϦέʔγϣϯมߋ༰Λ গͳ͘ɺ҆શʹར༻͢ΔͨΊʹɺoauth2-proxyͰೝূΛߦ͏Α͏ʹͨ͠ ։ൃऀ͕ར༻͢ΔAPITLSΫϥΠΞϯτೝূΛߦ͏Α͏ʹͯ͠ɺ伴ͷ Vault + kagianaΛར༻ͯ͠ߦ͍ͬͯΔ
ઢ OAuth2.0ೝূ
ೝূͱೝՄ ೝূ ೝՄ ୭Ͱ͋Δ͔Λಛఆ͢Δ Կ͕ग़དྷΔͷ͔ΛڐՄ͢Δ
OAuth(2.0)ݫີʹೝՄͷ༷ RFC 6749ʹͯఆٛ ͍͔ͭ͘ͷ࣮ύλʔϯ͕༗ΓɺࣗͰೝՄαʔό࣮͢Δ߹ɺ࣮ ύλʔϯʹΑͬͯೝূίʔυͷ͍ճ͠ͳͲͷ੬ऑੑੜΜͰ͠·͏ ʮOAuth 2.0 શϑϩʔͷਤղͱಈը※ʯ͕͓͢͢Ί ※ https://qiita.com/TakahikoKawasaki/items/200951e5b5929f840a1f
ͳΜͱͳ͘ೝՄͪ͠Όͬͯ·ͤΜ͔ʁ TwitterͰΑ͘ݟΔGenerator ྑṖWifi ೝՄ༻๏༻ྔΛकͬͯਖ਼͘͠
ܹ͘͠ઢ
ۭલͷ ΩϟϯϓϒʔϜ ౸དྷ
ࠓʂʂʂʂʂʂʂ Ωϟϯϓ͕ʂʂʂ དྷͯ·͢ʂʂʂʂ
શ͘༧͕औΕͳ͍ि https://booking.montbell.jp/lodging/site.php?site_id=3 WEB༧ɺޮత͙͗ͯ͢͢ຒ·Δ
ͦΕͰԶΩϟϯϓʹߦ͖͍ͨ https://github.com/pyama86/camp 1. ৗࣝతͳසͰαΠτΛΫϩʔϧ 2.αΠτʹۭ͖͕ग़ͨΒɺLINEʹଈ௨ 3. ͋ΒΏΔ࡞ۀΛࢭΊͯɺ ΩϟϯϓαΠτΛ༧
ؓٳ
ಥવͷάϧʔϓҰ੪ࡏۈ։࢝!!1ʹ͓ ͚Δಇ͖ํΛมֵ͢Δٕज़Έ
ςϨϫʔΫΛجຊͱͨ͠ ձ͔ࣾͩΒͦ͜ɺ ςϨϫʔΫ্͕ख͍ձࣾʹͳΓ͍ͨ
ςϨϫʔΫҠߦޙʹͬͨ͜ͱ ZoomGoogle MeetɺSlackͷ͍ํͷάϥϯυϧʔϧΛఆΊͨ رऀΛରʹΦϑΟεͰར༻͍ͯͨ͠όϩϯνΣΞΛैۀһͷՈʹແྉ ૹɺି༩ PC༻σΟεϓϨΠిؾͷิॿ੍ۚԽ ډॅͷࣗ༝Խɺ໘ͷશΦϯϥΠϯԽ
໘ͷΦϯϥΠϯԽ ໘Google MeetΛར༻࣮ͯ͠ࢪ Ϩδϡϝ໘ཤྺཧʹ࠾༻ཧγεςϜTalentioΛ࠾༻ ϦϞʔτͰ࠾༻ͷεϐʔυΛ্͛ΔͨΊ௨Λ
talentio-notifier pyama86/talentio-notifier
ϖύϘͷ໘ϑϩʔ ॻྨ৹ࠪ 1࣍໘ 2࣍໘ һ໘ ɹ࠾༻ʂʂ̍ ෳճͷ໘Ͱٕೳ໘ɺΧϧνϟʔϚονͳͲΛ͓͠·͢
pyama͕ղܾ͔ͨͬͨ͠՝ εϐʔυײͷͳ͍ձࣾͰಇ͖͍ͨͱ͕ࣗࣗࢥΘͳ͍ͷͰɺԠื͔Β ߹൱࿈བྷ·ͰͷϦʔυλΠϜΛݮ͍ͨ͠ ໘ʹඞ༻ͳใ͕ඞ༻ͳͱ͖ʹಧ͘Α͏ʹ͍ͨ͠
TalentioͷAPIΛར༻͠ɺ௨ΛࣗಈԽ ॻྨબߟɺ໘ධఆͷهೖΛϦϚΠϯυ ໘10લʹTalentioͷϨδϡϝϖʔδͷ ϦϯΫΛࣗಈͰ௨ ࠾༻νϟϯωϧʹ୭ʹɺͲ͏͍ͬͨґཔΛ ௨ͨ͠ͷ͔ΛೲظΛؚΊͯߘ͢Δ͜ͱ Ͱ࠾༻୲τϨʔγϯάՄೳ
ςϨϫʔΫʹ͓͍ͯ Slackେ׆༂
શһϦϞʔτͰ͋Δ͕Ώ͑ʹɺ୭͕͍·੮ͷ લʹ͍Δͷ͔ɺ୭͕ࠓ͝൧Λ৯͍ͯΔͷ͔ Θ͔Βͳ͍ͷͰɺSlackͰͦΕͧΕใࠂ͠ ͍͋ͬͯͨ ۈଵͷใࠂ੮SlackΛ׆༻
୭͕͍Δ͔͍ͳ͍͔SlackͷྲྀΕͰ ͍͖Εͳ͍ ΦϑΟεͰͪΐͬͱ੮Λཱͯݟ͑ͨ ͋ͷਓΠϯλʔωοτӽ͠Ͱݟ͑ͳ͍ ςϨϫʔΫΒ͠ͱີͰ͋Δ͕ Ώ͑ʹɺࣗ༝͕ߴ͘੮૿͕͑ͪ ܅ͱաͨ͝͠ՆઈରʹΕͳ͍ SlackϑϩʔใͳͷͰෆ͖ͳ͜ͱ͋Δ
Away From Keybord ϝϯγϣϯͰݺΕͨࡍʹ੮Λͭͨ͑ͨΓɺఆܗใࠂΛίϚϯυԽ
Away From Keybord ϝϯγϣϯΛ͛Δͱෆࡏ͕͙͢Θ͔Γɺ ͙͢ରԠ͕ग़དྷΔ ۈ։࢝ͳͲఆܗใࠂʹ͍ɺ͓·͚Λ ͚ͭΔ͜ͱͰɺศརʹར༻ଅਐ
࠷ۙSlackͰ͍ͯ͠Δ͜ͱ https://github.com/pyama86/issuer-bot ϑϩʔใΛετοΫใม͢Δ SlackͰϦΞΫγϣϯΛ͚ͭΔͱϘοτ͕ͦͷ༰Λసه͢ΔGitHub IssueͷURLΛൃߦ
ศར͗ͯ͢৭ʑॻ͍ͯ͠·͍͕ͪ ಉ྅ͷґཔΛSlackʹʑॻ͍ͯ͠·͏ɺͦͯ͠ྲྀΕΔ େࣄͳ͓ΒͤͳͷʹSlackʹ͔͠ใ͕ͳ͍ɺͦͯ͠ྲྀΕΔ αʔϏε͔ΒͷΞϥʔτɺେࣄ͚ͩͲSlackͷ௨͕ᷓΕͯɺྲྀΕΔ ͜Μͳ͔࣌ͩΒͦ͜ɺߟ͑Δ͜ͱ͕͋Δ
ใͷੜଘظؒΛҙࣝͨ͠ ίϛϡχέʔγϣϯ͕ٻΊΒΕΔ GibHub IssueNotionͳͲੜଘظ͕ؒ͘ɺݕࡧ͕͍͢͠ഔମΛ ར༻͢Δ SlackͰΓऔΓͨ͠༰ςϨϏ௨ͨ͠༰Λจࣈىͯ͜͠͠ɺ ੜଘظ͕͍ؒഔମʹه͢Δ͜ͱ͕কདྷͷ୭͔Λॿ͚Δ͜ͱʹͳΔ
ࠓͨ͜͠ͱ
GMOϖύϘ • શύʔτφʔʢैۀһʣ͕ςϨϫʔΫΛجຊͱ͢Δۈମ੍ • ίϩφΠϧεͷײછ֦େঢ়گʹΑͬͯɺग़ࣾΛڐՄ੍ʹ͢ΔͳͲ ੍ݶ͕͋Δ • ʹճ͋ΔࣾΠϕϯτʹࢀՃͰ͖ΔͳΒຊશࠃͲ͜ʹॅΜͰՄ • ςϨϫʔΫखͱͯࣗ͠ͷޫඅ௨৴අΛิॿ
※GMOάϧʔϓͰैۀһͷ͜ͱΛύʔτφʔͱݺͼ·͢
None
ڥքϞσϧ ϓϥΠϕʔτ Ϋϥυ ౦ژΦϑΟε ԬΦϑΟε ࣛࣇౡΦϑΟε VPN FW VPN ίϩφՒʹ͓͍ͯ
ഁ໓!!1 ӕͰ͢ɺ͜͜·Ͱ߽շʹഁ໓͓ͯ͠Βͣɺഁ໓͍͍͔͔ͬͯͨͬͨΒഁ໓ͬͯॻ͖·ͨ͠ɻ ഁ໓ɺϩυϦήε
՝Λղܾ͢ΔͨΊʹίʔυΛॻ͍ͨΓOSS׆༻ͨ͠ kanmon-kaikyo - SGͷ։ดΛSlackͰ࣮ߦ pam-google-web-oauth-rs - SSHΛଟཁૉೝূԽ oauth2-proxy - طଘͷίʔυʹӨڹΛগͳ͘OAuthೝূʹରԠ
kagiana - VaultʹΞΫηε͢ΔͨΊͷ伴ΛOAuthೝূޙʹ
ςϨϫʔΫΛݪଇͱͨ͠ ձ͔ࣾͩΒͦ͜ɺ ςϨϫʔΫ্͕ख͍ձࣾʹͳΓ͍ͨ
ςϨϫʔΫҠߦޙʹͬͨ͜ͱ ZoomGoogle MeetɺSlackͷ͍ํͷάϥϯυϧʔϧΛఆΊͨ رऀΛରʹΦϑΟεͰར༻͍ͯͨ͠όϩϯνΣΞΛैۀһͷՈʹແྉ ૹɺି༩ PC༻σΟεϓϨΠిؾͷิॿ੍ۚԽ ډॅͷࣗ༝Խɺ໘ͷશΦϯϥΠϯԽ
TalentioͷAPIΛར༻͠ɺ௨ΛࣗಈԽ ॻྨબߟɺ໘ධఆͷهೖΛϦϚΠϯυ ໘10લʹTalentioͷϨδϡϝϖʔδͷ ϦϯΫΛࣗಈͰ௨ ࠾༻νϟϯωϧʹ୭ʹɺͲ͏͍ͬͨґཔΛ ௨ͨ͠ͷ͔ΛೲظΛؚΊͯߘ͢Δ͜ͱ Ͱ࠾༻୲τϨʔγϯάՄೳ
୭͕͍Δ͔͍ͳ͍͔SlackͷྲྀΕͰ ͍͖Εͳ͍ ΦϑΟεͰͪΐͬͱ੮Λཱͯݟ͑ͨ ͋ͷਓΠϯλʔωοτӽ͠Ͱݟ͑ͳ͍ ςϨϫʔΫΒ͠ͱີͰ͋Δ͕ Ώ͑ʹɺࣗ༝͕ߴ͘੮૿͕͑ͪ ܅ͱաͨ͝͠ՆઈରʹΕͳ͍ SlackϑϩʔใͳͷͰෆ͖ͳ͜ͱ͋Δ
Away From Keybord ϝϯγϣϯͰݺΕͨࡍʹ੮Λͭͨ͑ͨΓɺఆܗใࠂΛίϚϯυԽ
࠷ۙSlackͰ͍ͯ͠Δ͜ͱ https://github.com/pyama86/issuer-bot ϑϩʔใΛετοΫใม͢Δ SlackͰϦΞΫγϣϯΛ͚ͭΔͱϘοτ͕ͦͷ༰Λసػ͢ΔGitHub IssueͷURLΛൃߦ
࠷ޙʹ ίϩφՒͰ৭ʑͳΈΛ࡞Δ্Ͱײͨ͜͡ͱɺ͜Ε·Ͱͱߟ͑ํΛ ม͑ͳ͍ͱߦ͚ͳ͍෦͕ଟ͍ ςϨϫʔΫΒ͠ͱີͰ͋Δ͜ͱ ͜Ε·ͰՄࢹൣғʹ͋ͬͨͷ͕ݟ͑ͳ͍͜ͱ ಉ࣭ԽͷఔʹΑΓΞϓϩʔν͕ҧ͏͜ͱ
͓͠·͍ ࠷৽ͷ࠾༻ใΛνΣοΫˠ !QC@SFDSVJU