diff --git a/configuration.nix b/configuration.nix index 7fb7745..905008a 100644 --- a/configuration.nix +++ b/configuration.nix @@ -11,6 +11,8 @@ let gitea_host = "git.${root_host}"; gitea_port = 8081; + + matrix_host = "matrix.${root_host}"; in { imports = [ ./hardware-configuration.nix @@ -18,6 +20,7 @@ in { services.postgresql = { enable = true; + # CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse; ensureDatabases = [ "synapse" ]; package = pkgs.postgresql_15; ensureUsers = [ @@ -85,12 +88,10 @@ host replication all ::1/128 md5 port = 5432; dbname = "synapse"; user = "synapse"; - cp_min = 5; - cp_max = 10; + cp_min = 10; + cp_max = 40; client_encoding = "auto"; passfile = config.age.secrets.synapse_db_pass_prepared.path; -# password = "synapse"; -# dbname = "synapse"; }; }; }; @@ -123,8 +124,6 @@ host replication all ::1/128 md5 group = "matrix-synapse"; mode = "0600"; }; - -# duckdns_token.file = ./secrets/duckdns_token.age; }; users.users.grimmauld = { @@ -163,16 +162,6 @@ host replication all ::1/128 md5 pypy3 ]; -# systemd.services = { -# dynamic-dns-updater = { -# path = [ -# pkgs.curl -# ]; -# script = ''curl "https://www.duckdns.org/update?domains=grimmauld&token=$(<${config.age.secrets.duckdns_token.path})&ip="''; -# startAt = "hourly"; -# }; -# }; - security.acme = { acceptTerms = true; defaults.email = root_email; @@ -191,7 +180,7 @@ host replication all ::1/128 md5 networking.firewall = { enable = true; - allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 ]; + allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 8008 ]; allowPing = true; allowedUDPPortRanges = [ # { from = 4000; to = 4007; } 
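Review bot: The comment added above `ensureDatabases` records a `CREATE DATABASE` statement without saying why it is there or when it has to be run. As far as I know, `ensureDatabases` creates a missing database with the cluster's default locale, while Synapse expects `C` collation, so on a fresh host the module would probably create `synapse` with the wrong collation before anyone runs the manual statement. I would spell that out, for example `# Synapse needs C collation, which ensureDatabases cannot set: create the DB by hand with the statement below before the first activation.` The `services.postgresql` block continues outside the hunk.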
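Review bot: Adding 8008 to `allowedTCPPorts` in the `networking.firewall` hunk opens what is conventionally Synapse's plain-HTTP client listener to the internet, alongside the TLS-terminated 443. The listener definition is not visible in this diff, so this is an inference. If the listener binds beyond loopback, logins and access tokens can travel unencrypted and bypass the `forceSSL` set on the nginx vhosts. I would keep the list as `allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 ];`, bind the listener to `127.0.0.1`, and reach it through an nginx vhost for the new `matrix_host`.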
@@ -225,7 +214,12 @@ host replication all ::1/128 md5 virtualHosts."${root_host}" = { forceSSL = true; useACMEHost = root_host; - root = "/var/www/grimmauld.duckdns.org"; +# locations."/" = { + root = "/var/www/grimmauld.duckdns.org"; +# }; +# locations."/.well-known/matrix/" = { +# root = "/var/www/grimmauld.duckdns.org/.well-known/matrix"; +# }; }; virtualHosts."${puffer_host}" = {
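Review bot: The `virtualHosts."${root_host}"` hunk leaves the live `root` line sandwiched between commented-out `locations` braces, in a commit that elsewhere removes dead commented code. I would keep the single line `root = "/var/www/grimmauld.duckdns.org";` and add the well-known location only once it is working. As drafted it would not work if uncommented: nginx appends the request URI to `root`, so `locations."/.well-known/matrix/"` with that root would look under `.../.well-known/matrix/.well-known/matrix/`. The vhost-level root already serves that path, so a separate location is only needed for headers such as `add_header Access-Control-Allow-Origin *;` in `extraConfig`, which Matrix clients need on the client well-known file.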