Accepting request 768057 from home:darix:apps

- update to 1.9.1
  Fix bug where setting mau_limit_reserved_threepids config would
  cause Synapse to refuse to start. (#6793)

- package cleanup
  - make sure we have all libraries to actually install the package:
    - buildrequires all runtime requirements
    - (build)require python3-typing_extensions
  - having it use the python package name is not really useful here.
  - refreshed and renamed better-paths.patch to
    matrix-synapse-1.4.1-paths.patch
  - also fix existing synapse user
    - group to synapse instead of nogroup
    - home directory to /var/lib/matrix-synapse
    - shell to /bin/false (which actually exists)
  - improvements to the logging configuration:
    - install copy of the current /etc/matrix-synapse/log.yaml as
      /etc/matrix-synapse/log.systemd.yaml
    - install /etc/matrix-synapse/log.file.yaml which logs to
      /var/log/matrix-synapse/homeserver.log
    - add the log directory /var/log/matrix-synapse/
  - added README.SUSE
  - better way to bootstrap a new config:
    1. ExecStartPre would have never worked anyway
    2. added %{_sbindir}/matrix-synapse-generate-config
    Usage:
    %{_sbindir}/matrix-synapse-generate-config servername
  - fix group and shell for the synapse user
  - added better-paths.patch
    - put the pid file into /run/matrix-synapse/
    - use a default logging config in /etc/matrix-synapse/log.yaml
      to have systemd logging by default
  - use full path in the service file
  - actually use source 50 instead of the service file in the tarball
  - make permissions tighter on the config files as it contains
    passwords and other secrets:
    root:synapse u=rwX,g=rX,o=

OBS-URL: https://build.opensuse.org/request/show/768057
OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=111

README.SUSE

@@ -0,0 +1,8 @@
+ README.SUSE
+-------------
+
+ Bootstrapping a server
+========================
+
+/usr/sbin/matrix-synapse-generate-config servername
+

_service

@@ -5,7 +5,11 @@
     <param name="url">https://github.com/matrix-org/synapse.git</param>
     <param name="scm">git</param>
     <param name="versionrewrite-pattern">v(.*)</param>
-    <param name="revision">v1.9.0</param>
+    <!--
+    <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
+    <param name="versionrewrite-replacement">\1~\2</param>
+    -->
+    <param name="revision">v1.9.1</param>
   </service>
   <service name="set_version" mode="disabled"/>
   <service name="tar" mode="buildtime"/>

matrix-synapse-1.4.1-paths.patch

@@ -0,0 +1,83 @@
+Index: matrix-synapse-1.4.1/contrib/example_log_config.yaml
+===================================================================
+--- matrix-synapse-1.4.1.orig/contrib/example_log_config.yaml
++++ matrix-synapse-1.4.1/contrib/example_log_config.yaml
+@@ -26,7 +26,7 @@ handlers:
+   file:
+     class: logging.handlers.RotatingFileHandler
+     formatter: fmt
+-    filename: /var/log/synapse/homeserver.log
++    filename: /var/log/matrix-synapse/homeserver.log
+     maxBytes: 100000000
+     backupCount: 3
+     filters: [context]
+Index: matrix-synapse-1.4.1/synapse/config/key.py
+===================================================================
+--- matrix-synapse-1.4.1.orig/synapse/config/key.py
++++ matrix-synapse-1.4.1/synapse/config/key.py
+@@ -100,7 +100,7 @@ class KeyConfig(Config):
+             signing_key_path = config.get("signing_key_path")
+             if signing_key_path is None:
+                 signing_key_path = os.path.join(
+-                    config_dir_path, config["server_name"] + ".signing.key"
++                    '/etc/matrix-synapse/keys.d', config["server_name"] + ".signing.key"
+                 )
+ 
+             self.signing_key = self.read_signing_keys(signing_key_path, "signing_key")
+@@ -165,7 +165,7 @@ class KeyConfig(Config):
+     def generate_config_section(
+         self, config_dir_path, server_name, generate_secrets=False, **kwargs
+     ):
+-        base_key_name = os.path.join(config_dir_path, server_name)
++        base_key_name = os.path.join('/etc/matrix-synapse/keys.d', server_name)
+ 
+         if generate_secrets:
+             macaroon_secret_key = 'macaroon_secret_key: "%s"' % (
+Index: matrix-synapse-1.4.1/synapse/config/logger.py
+===================================================================
+--- matrix-synapse-1.4.1.orig/synapse/config/logger.py
++++ matrix-synapse-1.4.1/synapse/config/logger.py
+@@ -89,7 +89,7 @@ class LoggingConfig(Config):
+         self.no_redirect_stdio = config.get("no_redirect_stdio", False)
+ 
+     def generate_config_section(self, config_dir_path, server_name, **kwargs):
+-        log_config = os.path.join(config_dir_path, server_name + ".log.config")
++        log_config = os.path.join('/etc/matrix-synapse/', server_name + ".log.config")
+         return (
+             """\
+         ## Logging ##
+Index: matrix-synapse-1.4.1/synapse/config/server.py
+===================================================================
+--- matrix-synapse-1.4.1.orig/synapse/config/server.py
++++ matrix-synapse-1.4.1/synapse/config/server.py
+@@ -379,7 +379,7 @@ class ServerConfig(Config):
+             bind_port = 8448
+             unsecure_port = 8008
+ 
+-        pid_file = os.path.join(data_dir_path, "homeserver.pid")
++        pid_file = os.path.join("/run/matrix-synapse", "homeserver.pid")
+ 
+         # Bring DEFAULT_ROOM_VERSION into the local-scope for use in the
+         # default config string
+Index: matrix-synapse-1.4.1/synapse/config/tls.py
+===================================================================
+--- matrix-synapse-1.4.1.orig/synapse/config/tls.py
++++ matrix-synapse-1.4.1/synapse/config/tls.py
+@@ -259,7 +259,7 @@ class TlsConfig(Config):
+         If the TLS paths are not specified the default will be certs in the
+         config directory"""
+ 
+-        base_key_name = os.path.join(config_dir_path, server_name)
++        base_key_name = os.path.join('/etc/matrix-synapse/keys.d', server_name)
+ 
+         if bool(tls_certificate_path) != bool(tls_private_key_path):
+             raise ConfigError(
+@@ -278,7 +278,7 @@ class TlsConfig(Config):
+         acme_enabled = bool(acme_domain)
+         acme_domain = "matrix.example.com"
+ 
+-        default_acme_account_file = os.path.join(data_dir_path, "acme_account.key")
++        default_acme_account_file = os.path.join('/etc/matrix-synapse/keys.d', "acme_account.key")
+ 
+         # this is to avoid the max line length. Sorrynotsorry
+         proxypassline = (

matrix-synapse-1.9.0.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f0e121b367ef51f4ffe7c19591bfaf5e1eb47cd9755ac129badac6541a592394
-size 26428429

matrix-synapse-1.9.1.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8376690a26848ba21ddb31ceb270820e1ac2fe9d8221e70cda5f70b52922d58b
+size 26428941

matrix-synapse-generate-config.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+CONFDIR="/etc/matrix-synapse"
+DATADIR="/var/lib/matrix-synapse"
+/usr/bin/python3 \
+    -m synapse.app.homeserver \
+    --config-path ${CONFDIR}/homeserver.yaml \
+    --config-directory="${CONFDIR}/conf.d/" \
+    --data-directory="${DATADIR}" \
+    --generate-config \
+    --generate-keys \
+    --report-stats=no \
+    --server-name $@
+chown -R root:synapse "${CONFDIR}"
+chmod -R u=rwX,g=rX,o= "${CONFDIR}"

matrix-synapse-test.spec

@@ -32,7 +32,7 @@
 
 %define         pkgname matrix-synapse
 Name:           %{pkgname}-test
-Version:        1.9.0
+Version:        1.9.1
 Release:        0
 Summary:        Test package for %{pkgname}
 License:        Apache-2.0

matrix-synapse.changes

@@ -1,3 +1,47 @@
+-------------------------------------------------------------------
+Tue Jan 28 14:34:39 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- update to 1.9.1
+  Fix bug where setting mau_limit_reserved_threepids config would
+  cause Synapse to refuse to start. (#6793)
+
+-------------------------------------------------------------------
+Thu Jan 23 16:06:38 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- package cleanup
+  - make sure we have all libraries to actually install the package:
+    - buildrequires all runtime requirements
+    - (build)require python3-typing_extensions
+  - having it use the python package name is not really useful here.
+  - refreshed and renamed better-paths.patch to
+    matrix-synapse-1.4.1-paths.patch
+  - also fix existing synapse user
+    - group to synapse instead of nogroup
+    - home directory to /var/lib/matrix-synapse
+    - shell to /bin/false (which actually exists)
+  - improvements to the logging configuration:
+    - install copy of the current /etc/matrix-synapse/log.yaml as
+      /etc/matrix-synapse/log.systemd.yaml
+    - install /etc/matrix-synapse/log.file.yaml which logs to
+      /var/log/matrix-synapse/homeserver.log
+    - add the log directory /var/log/matrix-synapse/
+  - added README.SUSE
+  - better way to bootstrap a new config:
+    1. ExecStartPre would have never worked anyway
+    2. added %{_sbindir}/matrix-synapse-generate-config
+    Usage:
+    %{_sbindir}/matrix-synapse-generate-config servername
+  - fix group and shell for the synapse user
+  - added better-paths.patch
+    - put the pid file into /run/matrix-synapse/
+    - use a default logging config in /etc/matrix-synapse/log.yaml
+      to have systemd logging by default
+  - use full path in the service file
+  - actually use source 50 instead of the service file in the tarball
+  - make permissions tighter on the config files as it contains
+    passwords and other secrets:
+    root:synapse u=rwX,g=rX,o=
+
 -------------------------------------------------------------------
 Thu Jan 23 13:45:22 UTC 2020 - Aleksa Sarai <asarai@suse.com>
 
@@ -112,6 +156,10 @@ Fri Dec 13 13:23:59 UTC 2019 - Aleksa Sarai <asarai@suse.com>
   The full changelog is included in
   /usr/share/doc/packages/matrix-synapse/CHANGES.md.
 
+  https://github.com/matrix-org/synapse/releases/tag/v1.7.0
+  Please make sure to read the Upgrade notes referenced in the 
+  above.
+
 -------------------------------------------------------------------
 Thu Nov 28 17:41:02 UTC 2019 - Aleksa Sarai <asarai@suse.com>
 

matrix-synapse.obsinfo

@@ -1,5 +1,5 @@
 name: matrix-synapse
-version: 1.9.0
-mtime: 1579785199
-commit: 9bae740527c4621f9f8eb8ca936669f2372c42eb
+version: 1.9.1
+mtime: 1580216976
+commit: 77d9357226687a177c865bcdeaa0e750612fc078
 

matrix-synapse.service

@@ -11,7 +11,6 @@ User=synapse
 Group=synapse
 WorkingDirectory=/var/lib/matrix-synapse
 
-ExecStartPre=@PYTHON_FLAVOR@ -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
 ExecStart=@PYTHON_FLAVOR@ -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
 
 # Adjust the cache factor if necessary.

matrix-synapse.spec

@@ -22,6 +22,8 @@
 %bcond_without saml
 %bcond_without url_preview
 %bcond_without jwt
+# missing deps
+%bcond_with    opentracing
 # matrix-synapse-ldap isn't packaged on openSUSE.
 %bcond_with    ldap
 # txacme is broken in openSUSE.
@@ -44,15 +46,20 @@
 %define         modname synapse
 %define         pkgname matrix-synapse
 Name:           %{pkgname}
-Version:        1.9.0
+Version:        1.9.1
 Release:        0
 Summary:        Matrix protocol reference homeserver
 License:        Apache-2.0
 Group:          Productivity/Networking/Instant Messenger
 URL:            https://github.com/matrix-org/synapse
 Source0:        %{pkgname}-%{version}.tar.xz
+Source48:       README.SUSE
+Source49:       matrix-synapse.tmpfiles.d
 Source50:       %{pkgname}.service
+Source51:       matrix-synapse-generate-config.sh
+Patch:          matrix-synapse-1.4.1-paths.patch
 BuildRequires:  %{python_module base}
+BuildRequires:  %{python_module psutil >= 2.0.0}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  %{python_module treq >= 15.1.0}
 BuildRequires:  fdupes
@@ -65,64 +72,110 @@ Requires(pre):  shadow
 Requires:       %{python_flavor} >= 3.5
 %endif
 # NOTE: Keep this is in the same order as synapse/python_dependencie.py.
-Requires:       python-Pillow >= 4.3.0
-Requires:       python-PyNaCl >= 1.2.1
-Requires:       python-PyYAML >= 3.11
-Requires:       python-Twisted >= 18.9.0
-Requires:       python-attrs >= 17.4.0
-Requires:       python-bcrypt >= 3.1.0
-Requires:       python-canonicaljson >= 1.1.3
-Requires:       python-daemonize >= 2.3.1
-Requires:       python-frozendict >= 1
-Requires:       python-idna >= 2.5
-Requires:       python-jsonschema >= 2.5.1
-Requires:       python-msgpack >= 0.5.2
-Requires:       python-netaddr >= 0.7.18
-Requires:       python-phonenumbers >= 8.2.0
-Requires:       python-prometheus_client >= 0.4.0
-Requires:       python-pyOpenSSL >= 16.0.0
-Requires:       python-pyasn1 >= 0.1.9
-Requires:       python-pyasn1-modules >= 0.0.7
-Requires:       python-pymacaroons >= 0.13.0
-Requires:       python-service_identity >= 18.1.0
-Requires:       python-signedjson >= 1.0.0
-Requires:       python-six >= 1.10
-Requires:       python-sortedcontainers >= 1.4.4
-Requires:       python-treq >= 15.1
-Requires:       python-typing_extensions >= 3.7.4
-Requires:       python-unpaddedbase64 >= 1.1.0
+BuildRequires:  python3-Pillow >= 4.3.0
+Requires:       python3-Pillow >= 4.3.0
+BuildRequires:  python3-PyNaCl >= 1.2.1
+Requires:       python3-PyNaCl >= 1.2.1
+BuildRequires:  python3-PyYAML >= 3.11
+Requires:       python3-PyYAML >= 3.11
+BuildRequires:  python3-Twisted >= 18.9.0
+Requires:       python3-Twisted >= 18.9.0
+BuildRequires:  python3-attrs >= 17.4.0
+Requires:       python3-attrs >= 17.4.0
+BuildRequires:  python3-bcrypt >= 3.1.0
+Requires:       python3-bcrypt >= 3.1.0
+BuildRequires:  python3-bleach >= 1.4.3
+Requires:       python3-bleach >= 1.4.3
+BuildRequires:  python3-canonicaljson >= 1.1.3
+Requires:       python3-canonicaljson >= 1.1.3
+BuildRequires:  python3-daemonize >= 2.3.1
+Requires:       python3-daemonize >= 2.3.1
+BuildRequires:  python3-frozendict >= 1
+Requires:       python3-frozendict >= 1
+BuildRequires:  python3-idna >= 2.5
+Requires:       python3-idna >= 2.5
+BuildRequires:  python3-jsonschema >= 2.5.1
+Requires:       python3-jsonschema >= 2.5.1
+BuildRequires:  python3-msgpack >= 0.5.2
+Requires:       python3-msgpack >= 0.5.2
+BuildRequires:  python3-netaddr >= 0.7.18
+Requires:       python3-netaddr >= 0.7.18
+BuildRequires:  python3-phonenumbers >= 8.2.0
+Requires:       python3-phonenumbers >= 8.2.0
+BuildRequires:  python3-prometheus_client >= 0.4.0
+Requires:       python3-prometheus_client >= 0.4.0
+BuildRequires:  python3-psutil >= 2.0.0
+Requires:       python3-psutil >= 2.0.0
+BuildRequires:  python3-pyOpenSSL >= 16.0.0
+Requires:       python3-pyOpenSSL >= 16.0.0
+BuildRequires:  python3-pyasn1 >= 0.1.9
+Requires:       python3-pyasn1 >= 0.1.9
+BuildRequires:  python3-pyasn1-modules >= 0.0.7
+Requires:       python3-pyasn1-modules >= 0.0.7
+BuildRequires:  python3-pymacaroons >= 0.13.0
+Requires:       python3-pymacaroons >= 0.13.0
+BuildRequires:  python3-service_identity >= 18.1.0
+Requires:       python3-service_identity >= 18.1.0
+BuildRequires:  python3-signedjson >= 1.0.0
+Requires:       python3-signedjson >= 1.0.0
+BuildRequires:  python3-six >= 1.10
+Requires:       python3-six >= 1.10
+BuildRequires:  python3-sortedcontainers >= 1.4.4
+Requires:       python3-sortedcontainers >= 1.4.4
+BuildRequires:  python3-systemd  >= 231
+Requires:       python3-systemd  >= 231
+BuildRequires:  python3-typing_extensions >= 3.7.4
+Requires:       python3-typing_extensions >= 3.7.4
+BuildRequires:  python3-treq >= 15.1
+Requires:       python3-treq >= 15.1
+BuildRequires:  python3-unpaddedbase64 >= 1.1.0
+Requires:       python3-unpaddedbase64 >= 1.1.0
 # Specify all CONDITIONAL_REQUIREMENTS (we Require them to avoid no-recommends
 # breaking very commonly-used bits of matrix-synapse such as postgresql).
 %if %{with email_notifs}
-Requires:       python-Jinja2 >= 2.9
-Requires:       python-bleach >= 1.4.3
+BuildRequires:  python3-Jinja2 >= 2.9
+Requires:       python3-Jinja2 >= 2.9
 %endif
 %if %{with ldap}
-Requires:       python-matrix-synapse-ldap3 >= 0.1
+BuildRequires:  python3-matrix-synapse-ldap3 >= 0.1
+Requires:       python3-matrix-synapse-ldap3 >= 0.1
 %endif
 %if %{with postgres}
-Requires:       python-psycopg2 >= 2.7
+BuildRequires:  python3-psycopg2 >= 2.7
+Requires:       python3-psycopg2 >= 2.7
 %endif
 %if %{with acme}
-Requires:       python-txacme >= 0.9.2
+BuildRequires:  python3-txacme >= 0.9.2
+Requires:       python3-txacme >= 0.9.2
 %endif
 %if %{with saml}
-Requires:       python-pysaml2 >= 4.5.0
+BuildRequires:  python3-pysaml2 >= 4.5.0
+Requires:       python3-pysaml2 >= 4.5.0
 %endif
 %if %{with url_preview}
-Requires:       python-lxml >= 3.5.0
+BuildRequires:  python3-lxml >= 3.5.0
+Requires:       python3-lxml >= 3.5.0
 %endif
 %if %{with sentry}
-Requires:       python-sentry-sdk >= 0.7.2
+BuildRequires:  python3-sentry-sdk >= 0.7.2
+Requires:       python3-sentry-sdk >= 0.7.2
 %endif
 %if %{with jwt}
-Requires:       python-PyJWT >= 1.6.4
+BuildRequires:  python3-PyJWT >= 1.6.4
+Requires:       python3-PyJWT >= 1.6.4
+%endif
+%if %{with opentracing}
+BuildRequires:  python3-jaeger-client >= 4.0.0
+Requires:       python3-jaeger-client >= 4.0.0
+BuildRequires:  python3-opentracing   >= 2.2.0
+Requires:       python3-opentracing   >= 2.2.0
 %endif
 BuildArch:      noarch
-Provides:       matrix-synapse = %{version}
 # We only provide/obsolete python2 to ensure that users upgrade.
-Obsoletes:      python2-matrix-synapse < %{version}
-Provides:       python2-matrix-synapse = %{version}
+Obsoletes:      python2-matrix-synapse < %{version}-%{release}
+Provides:       python2-matrix-synapse = %{version}-%{release}
+Obsoletes:      python3-matrix-synapse < %{version}-%{release}
+Provides:       python3-matrix-synapse = %{version}-%{release}
 
 %python_subpackages
 
@@ -131,7 +184,7 @@ Synapse is a Python-based reference "homeserver" implementation of
 Matrix. Matrix is a system for federated Instant Messaging and VoIP.
 
 %prep
-%setup -q
+%autosetup -p1
 
 # Remove all un-needed #!-lines.
 find synapse/ -type f -exec sed -i '1{/^#!/d}' {} \;
@@ -143,12 +196,13 @@ find ./ -type f \
 	-exec sed -i '1s|^#!/usr/bin/python$|#!/usr/bin/%{python_flavor}|' {} \;
 
 # Update the python flavour in the service file.
-sed -i 's|@PYTHON_FLAVOR@|%{python_flavor}|g' %{S:50}
+sed -i 's|@PYTHON_FLAVOR@|%{_bindir}/%{python_flavor}|g' %{S:50}
 
 %build
 %python_build
 
 %install
+cp %{S:48} README.SUSE
 # We install scripts into /usr/lib to avoid silly conflicts with other pkgs.
 install -d -m 0755 %{buildroot}%{_libexecdir}/%{pkgname}
 %python_install "--install-scripts=%{_libexecdir}/%{pkgname}/"
@@ -159,35 +213,42 @@ ln -s %{_libexecdir}/%{pkgname}/synctl %{buildroot}%{_bindir}/synctl
 
 # Install default matrix-synapse configuration.
 # TODO: Switch to the debian default config.
-install -d -m 0755 %{buildroot}%{_sysconfdir}/%{pkgname}/conf.d
-install -D -m 0644 docs/sample_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/homeserver.yaml
-install -D -m 0644 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.yaml
+install -d -m 0750 \
+  %{buildroot}%{_sysconfdir}/%{pkgname}/ \
+  %{buildroot}%{_sysconfdir}/%{pkgname}/{conf,keys}.d/
+install -D -m 0640 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.yaml
+install -D -m 0640 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.systemd.yaml
+install -D -m 0640 contrib/example_log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.file.yaml
 
 # Man pages.
 install -D -m 0644 -t %{buildroot}%{_mandir}/man1 debian/*.1
 
-# Runtime-dir.
-mkdir -p %{buildroot}%{_rundir}/%{pkgname}
-
 # system configuration.
 mkdir -p %{buildroot}%{_sbindir}
 ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{pkgname}
+#
 install -D -m 0644 %{S:50} %{buildroot}%{_unitdir}/%{pkgname}.service
+install -D -m 0644 %{S:49} %{buildroot}%{_tmpfilesdir}/%{pkgname}.conf
+#
+install -D -m 0755 %{S:51} %{buildroot}%{_sbindir}/matrix-synapse-generate-config
 
 # User directory.
-install -d -m 0755 %{buildroot}%{_rundir}/%{pkgname}
+install -d -m 0750 %{buildroot}%{_rundir}/%{pkgname}
 install -d -m 0750 %{buildroot}%{_localstatedir}/lib/%{pkgname}
+install -d -m 0750 %{buildroot}%{_localstatedir}/log/%{pkgname}
 
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %pre
 getent group synapse >/dev/null || groupadd -r synapse
 getent passwd synapse >/dev/null || \
-    /usr/sbin/useradd -r -g synapse -s /sbin/nologin -c 'Matrix Synapse' \
-        -d %{_localstatedir}/lib/synapse synapse
+    /usr/sbin/useradd -r -g synapse -s /bin/false -c 'Matrix Synapse' \
+        -d %{_rundir}/%{pkgname} synapse
+usermod --shell=/bin/false --home=%{_localstatedir}/lib/%{pkgname} --gid=synapse synapse
 %service_add_pre %{pkgname}.service
 
 %post
+%tmpfiles_create %{_tmpfilesdir}/%{pkgname}.conf
 %service_add_post %{pkgname}.service
 
 %preun
@@ -196,26 +257,23 @@ getent passwd synapse >/dev/null || \
 %postun
 %service_del_postun %{pkgname}.service
 
-%if 0%{?suse_version} < 1500
 %files -n %{pkgname}
-%else
-%files %{python_files}
-%endif
-%defattr(-,root,root,-)
-%doc *.rst CHANGES.md
+%doc *.rst CHANGES.md README.SUSE
 %license LICENSE
-%dir %{_sysconfdir}/%{pkgname}
-%dir %{_sysconfdir}/%{pkgname}/conf.d
-%config(noreplace) %{_sysconfdir}/%{pkgname}/*.yaml
+%config(noreplace) %attr(-,root,synapse) %{_sysconfdir}/%{pkgname}/
 %dir %attr(0750,%{modname},%{modname}) %{_localstatedir}/lib/%{pkgname}
+%dir %attr(0750,%{modname},%{modname}) %{_localstatedir}/log/%{pkgname}
 %{python_sitelib}
 # Python helper scripts.
 %{_bindir}/synctl
 %{_libexecdir}/%{pkgname}
 # systemd service.
 %{_sbindir}/rc%{pkgname}
+%{_sbindir}/matrix-synapse-generate-config
 %{_unitdir}/%{pkgname}.service
+%{_tmpfilesdir}/%{pkgname}.conf
 # Man pages.
 %{_mandir}/man*/*
+%ghost %dir %attr(750,%{modname},%{modname}) /run/matrix-synapse
 
 %changelog

matrix-synapse.tmpfiles.d

@@ -0,0 +1,2 @@
+# Type Path                         Mode UID     GID     Age Argument
+d      /run/matrix-synapse          0750 synapse synapse -   -