diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf
index 5c61844f..29bb1502 100644
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@@ -507,3 +507,8 @@ module "homepage" {
   source          = "./homepage"
   tls_secret_name = var.tls_secret_name
 }
+
+module "matrix" {
+  source          = "./matrix"
+  tls_secret_name = var.tls_secret_name
+}
diff --git a/modules/kubernetes/matrix/main.tf b/modules/kubernetes/matrix/main.tf
new file mode 100644
index 00000000..2e490b08
--- /dev/null
+++ b/modules/kubernetes/matrix/main.tf
@@ -0,0 +1,124 @@
+variable "tls_secret_name" {}
+
+resource "kubernetes_namespace" "matrix" {
+  metadata {
+    name = "matrix"
+    labels = {
+      "istio-injection" : "disabled"
+    }
+  }
+}
+
+module "tls_secret" {
+  source          = "../setup_tls_secret"
+  namespace       = "matrix"
+  tls_secret_name = var.tls_secret_name
+}
+
+resource "kubernetes_deployment" "matrix" {
+  metadata {
+    name      = "matrix"
+    namespace = "matrix"
+    labels = {
+      app = "matrix"
+    }
+  }
+  spec {
+    replicas = 1
+    selector {
+      match_labels = {
+        app = "matrix"
+      }
+    }
+    template {
+      metadata {
+        labels = {
+          app = "matrix"
+        }
+      }
+      spec {
+        container {
+          image = "matrixdotorg/synapse:latest"
+          name  = "matrix"
+          port {
+            container_port = 8008
+          }
+          env {
+            name  = "SYNAPSE_SERVER_NAME"
+            value = "matrix.viktorbarzin.me"
+          }
+          env {
+            name  = "SYNAPSE_REPORT_STATS"
+            value = "yes"
+          }
+          volume_mount {
+            name       = "data"
+            mount_path = "/data"
+          }
+        }
+        volume {
+          name = "data"
+          nfs {
+            server = "10.0.10.15"
+            path   = "/mnt/main/matrix"
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "matrix" {
+  metadata {
+    name      = "matrix"
+    namespace = "matrix"
+    labels = {
+      "app" = "matrix"
+    }
+  }
+
+  spec {
+    selector = {
+      app = "matrix"
+    }
+    port {
+      name        = "http"
+      port        = "80"
+      target_port = "8008"
+    }
+  }
+}
+
+resource "kubernetes_ingress_v1" "matrix" {
+  metadata {
+    name      = "matrix"
+    namespace = "matrix"
+
+    annotations = {
+      "kubernetes.io/ingress.class" = "nginx"
+    }
+  }
+
+  spec {
+    tls {
+      hosts       = ["matrix.viktorbarzin.me"]
+      secret_name = var.tls_secret_name
+    }
+    rule {
+      host = "matrix.viktorbarzin.me"
+      http {
+        path {
+          path = "/"
+          backend {
+            service {
+              name = "matrix"
+              port {
+                number = 80
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/terraform.tfstate b/terraform.tfstate
index f43fe6b2..f982c192 100644
Binary files a/terraform.tfstate and b/terraform.tfstate differ
diff --git a/terraform.tfvars b/terraform.tfvars
index f10ed344..5b402872 100644
Binary files a/terraform.tfvars and b/terraform.tfvars differ