{
  config,
  pkgs,
  inputs,
  ...
}: {
  services.postgresql = {
    enable = true;
    initialScript = pkgs.writeText "synapse-init.sql" ''
      CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
      CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
      TEMPLATE template0
      LC_COLLATE = "C"
      LC_CTYPE = "C";
    '';
  };

  services.matrix-synapse = {
    enable = true;
    settings = {
      server_name = "cyplo.dev";
      listeners = [
        {
          port = 8008;
          bind_addresses = ["bolty.cyplo.github.beta.tailscale.net"];
          type = "http";
          tls = false;
          x_forwarded = true;
          resources = [
            {
              names = ["client" "federation"];
              compress = false;
            }
          ];
        }
      ];
      experimental_features = {spaces_enabled = true;};
      enable_registration = false;
      suppress_key_server_warning = true;
    };
  };

  networking.firewall.allowedTCPPorts = [8008];
}