diff --git a/apps/matrix/synapse/homeserver.yaml b/apps/matrix/synapse/homeserver.yaml
index aa5dae5..7e5bdf5 100644
--- a/apps/matrix/synapse/homeserver.yaml
+++ b/apps/matrix/synapse/homeserver.yaml
@@ -26,7 +26,7 @@
 # lowercase and may contain an explicit port.
 # Examples: matrix.org, localhost:8080
 #
-server_name: "{{ tpl .Values.homeServerFQDN }}"
+server_name: "{{ tpl .Values.homeServerFQDN . }}"
 
 # When running as a daemon, the file to store the pid in
 #
@@ -767,17 +767,17 @@ caches:
 #
 # Example Postgres configuration:
 #
-#database:
-#  name: psycopg2
-#  args:
-#    user: synapse_user
-#    password: secretpassword
-#    database: synapse
-#    host: localhost
-#    port: 5432
-#    cp_min: 5
-#    cp_max: 10
-#
+database:
+ name: psycopg2
+ args:
+   user: {{ .Values.postgresUser }}
+   password: SECRETPOSTGRESPASSWORD
+   database: {{ .Values.postgresDBName }}
+   host: {{ .Release.Name }}-postgres
+   port: 5432
+   cp_min: 5
+   cp_max: 10
+
 # For more information on using Synapse with Postgres, see `docs/postgres.md`.
 #
 # database:
@@ -791,7 +791,7 @@ caches:
 # A yaml python logging config file as described by
 # https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
 #
-log_config: "/log.config"
+log_config: "/config-ro/log.yaml"
 
 
 ## Ratelimiting ##
@@ -1947,9 +1947,9 @@ oidc_providers:
   #  user_mapping_provider:
   #    config:
   #      subject_claim: "id"
-  #      localpart_template: "{{ user.login }}"
-  #      display_name_template: "{{ user.name }}"
-  #      email_template: "{{ user.email }}"
+  #      localpart_template: " user.login "
+  #      display_name_template: " user.name "
+  #      email_template: " user.email "
   #  attribute_requirements:
   #    - attribute: userGroup
   #      value: "synapseUsers"
diff --git a/apps/matrix/templates/postgres.yaml b/apps/matrix/templates/postgres.yaml
index f4f86e1..e667edc 100644
--- a/apps/matrix/templates/postgres.yaml
+++ b/apps/matrix/templates/postgres.yaml
@@ -72,5 +72,5 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/component: postgres
 stringData:
-  POSTGRES_USER: "matrix-synapse"
-  POSTGRES_DB: "matrix-synapse"
+  POSTGRES_USER: "{{ .Values.postgresUser }}"
+  POSTGRES_DB: "{{ .Values.postgresDBName }}"
diff --git a/apps/matrix/templates/synapse.yaml b/apps/matrix/templates/synapse.yaml
index 55b2d86..3a98b8c 100644
--- a/apps/matrix/templates/synapse.yaml
+++ b/apps/matrix/templates/synapse.yaml
@@ -15,7 +15,6 @@ spec:
         app.kubernetes.io/component: matrix-synapse
       annotations:
         checksum/config: {{ include (print $.Template.BasePath "/synapse-proxy.yaml") . | sha256sum }}
-        checksum/synapse: {{ include (print $.Template.BasePath "/synapse-conf.yaml") . | sha256sum }}
     spec:
       initContainers:
         - name: generate-matrix-signing-key
@@ -52,24 +51,33 @@ spec:
               value: "no"
             {{ end }}
           volumeMounts:
-            - name: nginx-config-proxy
+            - name: nginx-config
               mountPath: "/nginx-configs"
             - name: etcletsencrypt
               mountPath: "/etc/letsencrypt"
         - name: synapse
           image: matrixdotorg/synapse:{{ .Values.synapseVersion }}
+          command:
+            - sh
+            - -c
+            - "mkdir -p /config; sed \"s/SECRETPOSTGRESPASSWORD/$POSTGRES_PW/\" > /config/db.yaml; /start.py run"
           ports:
             - containerPort: 8008
           env:
             - name: SYNAPSE_CONFIG_PATH
-              value: "/conf/homeserver.yaml"
+              value: "/config-ro/homeserver.yaml"
             - name: SYNAPSE_CONFIG_DIR
-              value: "/conf"
+              value: "/config"
+            - name: POSTGRES_PW
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Release.Name }}-postgres-config
+                  key: POSTGRES_PASSWORD
           volumeMounts:
             - name: data
               mountPath: "/data"
             - name: synapse-conf
-              mountPath: "/conf"
+              mountPath: "/config-ro"
       volumes:
         - name: etcletsencrypt
           persistentVolumeClaim:
@@ -77,12 +85,9 @@ spec:
         - name: data
           persistentVolumeClaim:
             claimName: {{ .Release.Name }}-data
-        - name: postgres-vars
-          secret:
-            secretName: {{ .Release.Name }}-postgres-config
         - name: nginx-config
           configMap:
-            name: {{ .Release.Name }}-nginx-config
+            name: {{ .Release.Name }}-synapse-nginx-proxy
         - name: synapse-conf
           configMap:
             name: {{ .Release.Name }}-synapse-conf
@@ -104,15 +109,3 @@ spec:
   selector:
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/component: matrix-synapse
-
-    # database:
-    #   name: "psycopg2"
-    #   args:
-    #     database: "matrix-synapse"
-    #     host: "localhost"
-    #     user: "matrix-synapse"
-    #     password: ""
-    #     cp_min: 10
-    #     cp_min: 5
-
-    # log_config: "/baseconfig/log.yaml"
diff --git a/apps/matrix/values.yaml b/apps/matrix/values.yaml
index 971ef36..65368fc 100644
--- a/apps/matrix/values.yaml
+++ b/apps/matrix/values.yaml
@@ -13,3 +13,6 @@ synapseVersion: "v1.49.2"
 elementWebFQDN: "{{ .Release.Name }}-element-web.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
 synapseFQDN: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
 homeServerFQDN: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
+
+postgresUser: "matrix-synapse"
+postgresDBName: "matrix-synapse"