diff --git a/systems/etna/default.nix b/systems/etna/default.nix
index ef2292b..c33ed5d 100644
--- a/systems/etna/default.nix
+++ b/systems/etna/default.nix
@@ -1,4 +1,8 @@
-{config, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   age.secrets = let
     path = ../../secrets/etna;
   in {
@@ -41,6 +45,15 @@
       };
     };
 
+    matrix-conduit = {
+      enable = true;
+      settings.global = {
+        server_name = "m.uku.moe";
+        allow_registration = true;
+        port = 6167;
+      };
+    };
+
     cloudflared = {
       enable = true;
       tunnels."57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5" = {
@@ -50,10 +63,39 @@
           "api.uku3lig.net" = "http://localhost:5000";
           "bw.uku3lig.net" = "http://localhost:8222";
           "maven.uku3lig.net" = "http://localhost:8080";
+          "m.uku.moe" = "http://localhost:80";
         };
 
         default = "http_status:404";
       };
     };
+
+    nginx = {
+      enable = true;
+      recommendedProxySettings = true;
+
+      virtualHosts."m.uku.moe" = {
+        locations."=/.well-known/matrix/server" = let
+          filename = "server-well-known";
+          content = builtins.toJSON {"m.server" = "m.uku.moe:443";};
+        in {
+          alias = builtins.toString (pkgs.writeTextDir filename content) + "/";
+          tryFiles = "${filename} =200";
+          extraConfig = ''
+            default_type application/json;
+          '';
+        };
+
+        locations."/" = {
+          proxyPass = "http://localhost:6167/";
+          proxyWebsockets = true;
+          extraConfig = ''
+            proxy_set_header Host $host;
+            proxy_buffering off;
+            client_max_body_size 100M;
+          '';
+        };
+      };
+    };
   };
 }