diff --git a/manifests/matrix_appservice_slack.pp b/manifests/matrix_appservice_slack.pp
new file mode 100644
index 0000000000000000000000000000000000000000..e7ed85b3690f1d72e3de0de78892bdd3c2740a4e
--- /dev/null
+++ b/manifests/matrix_appservice_slack.pp
@@ -0,0 +1,11 @@
+# https://matrix-appservice-slack.readthedocs.io/en/latest/getting_started/
+#
+# To set up:
+# git clone https://github.com/matrix-org/matrix-appservice-slack
+# cd matrix-appservice-slack
+# npm install
+# npm run build
+
+class profiles::matrix_appservice_slack (
+) {
+}
diff --git a/manifests/matrix_next.pp b/manifests/matrix_next.pp
new file mode 100644
index 0000000000000000000000000000000000000000..159020324f713fcf295e1445726523febcb07612
--- /dev/null
+++ b/manifests/matrix_next.pp
@@ -0,0 +1,79 @@
+class profiles::matrix (
+  Variant[String, Sensitive[String]] $macaroon_secret_key,
+  Variant[String, Sensitive[String]] $oidc_client_secret,
+  String $max_upload_size = '50M',
+
+) {
+  $registration_secret = extlib::cache_data(
+        $module_name,
+        'registration_secret',
+        extlib::random_password(20))
+
+  $macroon_secret_key_ = $macroon_secret_key ? {
+    String => $macroon_secret_key,
+    _      => $macroo_secret_key.unwrap,
+  }
+
+  # $db_args = 
+
+  matrix::oidc::keycloak { '':
+    description   => 'Lysator Account',
+    issuer        => 'https://login.lysator.liu.se/auth/realms/Lysator',
+    client_id     => 'synapse',
+    client_secret => $oidc_client_secret,
+    mappings      => {
+      '#lysator'      => {
+        'roomIds' => [
+          '!dsadxKokXujEJmorlJ:matrix.lysator.liu.se',
+        ],
+      },
+      '#lysator-root' => {
+        'roomIds' => [
+          '!dSBhWGNHUHtYMyGiIO:matrix.lysator.liu.se',
+        ]
+      },
+    },
+  }
+
+  matrix::appservice::irc { 'Libera.Chat':
+    domain     => 'irc.libera.chat',
+    network_id => 'lysmatrix',
+  }
+
+  matrix::appservice::slack { 'Admittansen':
+  }
+
+  class { '::matrix':
+    server_name          => $server_name,
+    registration_enabled => true,
+    registration_secret  => $registration_secret,
+    macroon_secret_key   => $macroon_secret_key_,
+    max_upload_size      => $max_upload_size,
+    database_name        => 'psycopg2',  # postgresql
+  }
+
+  # https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
+  $synapse_email = {
+    'notif_from' => "%(app)s@${server_name}",
+    # TLS isn't nececery between the synapse process and the postfix
+    # process, on the same server.
+    'enable_tls' => false,
+    'subjects'   => {
+      'message_from_person_in_room'     => '[%(app)s] You have a message on %(app)s from %(person)s in the %(room)s room...',
+      'message_from_person'             => '[%(app)s] You have a message on %(app)s from %(person)s...',
+      'messages_from_person'            => '[%(app)s] You have messages on %(app)s from %(person)s...',
+      'messages_in_room'                => '[%(app)s] You have messages on %(app)s in the %(room)s room...',
+      'messages_in_room_and_others'     => '[%(app)s] You have messages on %(app)s in the %(room)s room and others...',
+      'messages_from_person_and_others' => '[%(app)s] You have messages on %(app)s from %(person)s and others...',
+      'invite_from_person_to_room'      => '[%(app)s] %(person)s has invited you to join the %(room)s room on %(app)s...',
+      'invite_from_person'              => '[%(app)s] %(person)s has invited you to chat on %(app)s...',
+      'password_reset'                  => '[%(server_name)s] Password reset',
+      'email_validation'                => '[%(server_name)s] Validate your email',
+    },
+  }
+
+  # should hopefully configure our outgoing email server
+  include ::postfix
+
+  # TODO configure DB dumps
+}