diff --git a/core-os-podman/nginx-lb.tf b/core-os-podman/nginx-lb.tf
index b144cd7..0096c32 100644
--- a/core-os-podman/nginx-lb.tf
+++ b/core-os-podman/nginx-lb.tf
@@ -36,7 +36,7 @@ resource "docker_container" "nginx-lb" {
     source = "/var/lib/containers/nginx-lb/user_conf.d"
     type = "bind"
   }
-
+  
   mounts {
     target = "/etc/letsencrypt"
     source = "/var/lib/containers/nginx-lb/secrets"
diff --git a/core-os-podman/synapse.tf b/core-os-podman/synapse.tf
new file mode 100644
index 0000000..2cb76ff
--- /dev/null
+++ b/core-os-podman/synapse.tf
@@ -0,0 +1,50 @@
+/**
+Running for the first time:
+
+docker run -it --rm \
+    --mount type=bind,src=/var/lib/containers/synapse,dst=/data \
+    -e SYNAPSE_SERVER_NAME=matrix.rescla.me \
+    -e SYNAPSE_REPORT_STATS=no \
+    ghcr.io/element-hq/synapse:latest generate
+
+
+ */
+
+data "docker_registry_image" "synapse" {
+  name = "ghcr.io/element-hq/synapse:latest"
+}
+
+resource "docker_image" "synapse" {
+  name = data.docker_registry_image.synapse.name
+  pull_triggers = [data.docker_registry_image.synapse.sha256_digest]
+}
+
+resource "docker_container" "synapse" {
+  image = docker_image.synapse.image_id
+  name = "synapse"
+  restart = "always"
+
+  depends_on = [docker_container.postgres]
+
+  env = [
+    "TZ=Europe/Amsterdam"
+  ]
+
+  mounts {
+    target = "/data"
+    source = "/var/lib/containers/synapse"
+    type = "bind"
+  }
+
+  lifecycle {
+    ignore_changes = [
+      ulimit,
+      log_opts
+    ]
+  }
+
+  networks_advanced {
+    name = docker_network.container-public.name
+    ipv4_address = "192.168.3.48"
+  }
+}
\ No newline at end of file