402688c118
- update to 1.9.1 Fix bug where setting mau_limit_reserved_threepids config would cause Synapse to refuse to start. (#6793) - package cleanup - make sure we have all libraries to actually install the package: - buildrequires all runtime requirements - (build)require python3-typing_extensions - having it use the python package name is not really useful here. - refreshed and renamed better-paths.patch to matrix-synapse-1.4.1-paths.patch - also fix existing synapse user - group to synapse instead of nogroup - home directory to /var/lib/matrix-synapse - shell to /bin/false (which actually exists) - improvements to the logging configuration: - install copy of the current /etc/matrix-synapse/log.yaml as /etc/matrix-synapse/log.systemd.yaml - install /etc/matrix-synapse/log.file.yaml which logs to /var/log/matrix-synapse/homeserver.log - add the log directory /var/log/matrix-synapse/ - added README.SUSE - better way to bootstrap a new config: 1. ExecStartPre would have never worked anyway 2. added %{_sbindir}/matrix-synapse-generate-config Usage: %{_sbindir}/matrix-synapse-generate-config servername - fix group and shell for the synapse user - added better-paths.patch - put the pid file into /run/matrix-synapse/ - use a default logging config in /etc/matrix-synapse/log.yaml to have systemd logging by default - use full path in the service file - actually use source 50 instead of the service file in the tarball - make permissions tighter on the config files as it contains passwords and other secrets: root:synapse u=rwX,g=rX,o= OBS-URL: https://build.opensuse.org/request/show/768057 OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=111
84 lines
3.8 KiB
Diff
84 lines
3.8 KiB
Diff
Index: matrix-synapse-1.4.1/contrib/example_log_config.yaml
|
|
===================================================================
|
|
--- matrix-synapse-1.4.1.orig/contrib/example_log_config.yaml
|
|
+++ matrix-synapse-1.4.1/contrib/example_log_config.yaml
|
|
@@ -26,7 +26,7 @@ handlers:
|
|
file:
|
|
class: logging.handlers.RotatingFileHandler
|
|
formatter: fmt
|
|
- filename: /var/log/synapse/homeserver.log
|
|
+ filename: /var/log/matrix-synapse/homeserver.log
|
|
maxBytes: 100000000
|
|
backupCount: 3
|
|
filters: [context]
|
|
Index: matrix-synapse-1.4.1/synapse/config/key.py
|
|
===================================================================
|
|
--- matrix-synapse-1.4.1.orig/synapse/config/key.py
|
|
+++ matrix-synapse-1.4.1/synapse/config/key.py
|
|
@@ -100,7 +100,7 @@ class KeyConfig(Config):
|
|
signing_key_path = config.get("signing_key_path")
|
|
if signing_key_path is None:
|
|
signing_key_path = os.path.join(
|
|
- config_dir_path, config["server_name"] + ".signing.key"
|
|
+ '/etc/matrix-synapse/keys.d', config["server_name"] + ".signing.key"
|
|
)
|
|
|
|
self.signing_key = self.read_signing_keys(signing_key_path, "signing_key")
|
|
@@ -165,7 +165,7 @@ class KeyConfig(Config):
|
|
def generate_config_section(
|
|
self, config_dir_path, server_name, generate_secrets=False, **kwargs
|
|
):
|
|
- base_key_name = os.path.join(config_dir_path, server_name)
|
|
+ base_key_name = os.path.join('/etc/matrix-synapse/keys.d', server_name)
|
|
|
|
if generate_secrets:
|
|
macaroon_secret_key = 'macaroon_secret_key: "%s"' % (
|
|
Index: matrix-synapse-1.4.1/synapse/config/logger.py
|
|
===================================================================
|
|
--- matrix-synapse-1.4.1.orig/synapse/config/logger.py
|
|
+++ matrix-synapse-1.4.1/synapse/config/logger.py
|
|
@@ -89,7 +89,7 @@ class LoggingConfig(Config):
|
|
self.no_redirect_stdio = config.get("no_redirect_stdio", False)
|
|
|
|
def generate_config_section(self, config_dir_path, server_name, **kwargs):
|
|
- log_config = os.path.join(config_dir_path, server_name + ".log.config")
|
|
+ log_config = os.path.join('/etc/matrix-synapse/', server_name + ".log.config")
|
|
return (
|
|
"""\
|
|
## Logging ##
|
|
Index: matrix-synapse-1.4.1/synapse/config/server.py
|
|
===================================================================
|
|
--- matrix-synapse-1.4.1.orig/synapse/config/server.py
|
|
+++ matrix-synapse-1.4.1/synapse/config/server.py
|
|
@@ -379,7 +379,7 @@ class ServerConfig(Config):
|
|
bind_port = 8448
|
|
unsecure_port = 8008
|
|
|
|
- pid_file = os.path.join(data_dir_path, "homeserver.pid")
|
|
+ pid_file = os.path.join("/run/matrix-synapse", "homeserver.pid")
|
|
|
|
# Bring DEFAULT_ROOM_VERSION into the local-scope for use in the
|
|
# default config string
|
|
Index: matrix-synapse-1.4.1/synapse/config/tls.py
|
|
===================================================================
|
|
--- matrix-synapse-1.4.1.orig/synapse/config/tls.py
|
|
+++ matrix-synapse-1.4.1/synapse/config/tls.py
|
|
@@ -259,7 +259,7 @@ class TlsConfig(Config):
|
|
If the TLS paths are not specified the default will be certs in the
|
|
config directory"""
|
|
|
|
- base_key_name = os.path.join(config_dir_path, server_name)
|
|
+ base_key_name = os.path.join('/etc/matrix-synapse/keys.d', server_name)
|
|
|
|
if bool(tls_certificate_path) != bool(tls_private_key_path):
|
|
raise ConfigError(
|
|
@@ -278,7 +278,7 @@ class TlsConfig(Config):
|
|
acme_enabled = bool(acme_domain)
|
|
acme_domain = "matrix.example.com"
|
|
|
|
- default_acme_account_file = os.path.join(data_dir_path, "acme_account.key")
|
|
+ default_acme_account_file = os.path.join('/etc/matrix-synapse/keys.d', "acme_account.key")
|
|
|
|
# this is to avoid the max line length. Sorrynotsorry
|
|
proxypassline = (
|