diff --git a/hosts/h/default.nix b/hosts/h/default.nix
index 8e85a57..e9722ed 100644
--- a/hosts/h/default.nix
+++ b/hosts/h/default.nix
@@ -6,6 +6,7 @@ let
 gqrss = callPackage ../../pkgs/gqrss.nix { inherit isUnstable; }; icbirc = callPackage ../../pkgs/icbirc.nix { inherit isUnstable; }; mcchunkie = callPackage ../../pkgs/mcchunkie.nix { inherit isUnstable; };
+ slidingSyncPkg = callPackage ../../pkgs/sliding-sync.nix { };
 weepushover = python3Packages.callPackage ../../pkgs/weepushover.nix { inherit pkgs; }; pgBackupDir = "/var/backups/postgresql";
@@ -34,6 +35,7 @@ in {
 ../../modules/yarr.nix ../../modules/tsvnstat.nix ../../modules/golink.nix
+ ../../modules/sliding-sync.nix
 ]; boot.loader.grub.enable = true;
@@ -104,6 +106,11 @@ in {
 mode = "400"; sopsFile = config.xin-secrets.h.services; };
+ sliding_sync_env = {
+ owner = config.services.sliding-sync.user;
+ mode = "400";
+ sopsFile = config.xin-secrets.h.services;
+ };
 }; networking = {
@@ -207,6 +214,11 @@ in {
 }; services = {
+ sliding-sync = {
+ enable = true;
+ server = "https://tapenet.org";
+ package = slidingSyncPkg;
+ };
 pots = { enable = true; envFile = "${config.sops.secrets.pots_env_file.path}";
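Review bot: The new `services.sliding-sync` block leaves `envFile` at the module default `/run/secrets/sliding_sync_env` instead of referencing the secret declared in this same commit, while the neighbouring `pots` entry passes `envFile = "${config.sops.secrets.pots_env_file.path}"` explicitly. Pointing the option at the declared secret keeps the two coupled and turns a renamed or missing secret into an evaluation error rather than a unit that fails at start because the file is absent: `envFile = config.sops.secrets.sliding_sync_env.path;` (assuming the `sliding_sync_env` attrset in the -104 hunk sits under `sops.secrets` like `pots_env_file`). The enclosing `services` attrset continues outside the hunk.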
@@ -597,7 +609,27 @@ in {
 }"; }; };
- "tapenet.org" = {
+ "tapenet.org" = if config.services.sliding-sync.enable then {
+ forceSSL = true;
+ enableACME = true;
+ root = "/var/www/tapenet.org";
+ extraConfig = ''
+ location ~ ^/(client/|_matrix/client/v3/sync|_matrix/client/unstable/org.matrix.msc3575/sync) {
+ proxy_pass http://${config.services.sliding-sync.address}:${
+ toString config.services.sliding-sync.port
+ };
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header Host $host;
+ }
+ location ~* ^(\/_matrix|\/_synapse\/client) {
+ proxy_pass http://127.0.0.1:8009;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header Host $host;
+ }
+ '';
+ } else {
 forceSSL = true; enableACME = true; root = "/var/www/tapenet.org";
@@ -638,7 +670,7 @@ in {
 LC_COLLATE = "C" LC_CTYPE = "C"; '';
- ensureDatabases = [ "synapse" "gotosocial" ];
+ ensureDatabases = [ "synapse" "gotosocial" "syncv3" ];
 ensureUsers = [ { name = "synapse_user";
@@ -648,6 +680,10 @@ in {
 name = "gotosocial"; ensurePermissions."DATABASE gotosocial" = "ALL PRIVILEGES"; }
+ {
+ name = "syncv3";
+ ensurePermissions."DATABASE syncv3" = "ALL PRIVILEGES";
+ }
 ]; };
diff --git a/modules/sliding-sync.nix b/modules/sliding-sync.nix
new file mode 100644
index 0000000..3364fe5
--- /dev/null
+++ b/modules/sliding-sync.nix
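Review bot: The `if config.services.sliding-sync.enable then { … } else { … }` form in the `"tapenet.org"` virtual host duplicates `forceSSL`, `enableACME`, `root` and presumably the rest of the host definition, so the two branches will drift the next time either is edited; the else branch continues outside the hunk. Only one `location` block actually depends on the flag, so a single attrset whose `extraConfig` prefixes the sliding-sync location with `optionalString` expresses the same thing without the copy (this needs `lib` among the file's arguments, which is not visible here). Two smaller points in the new nginx text: the dots in `org.matrix.msc3575` are unescaped regex metacharacters and should read `org\.matrix\.msc3575`, and nginx selects the first matching regex location in file order, so the sync location must stay ahead of the `_matrix` catch-all, which is worth a comment since the ordering is load-bearing.
```nix
"tapenet.org" = {
  forceSSL = true;
  enableACME = true;
  root = "/var/www/tapenet.org";
  # Regex locations match in file order: the sliding-sync block must precede the _matrix catch-all.
  extraConfig = lib.optionalString config.services.sliding-sync.enable ''
    location ~ ^/(client/|_matrix/client/v3/sync|_matrix/client/unstable/org\.matrix\.msc3575/sync) {
      # … unchanged: proxy_pass to sliding-sync and the three proxy_set_header lines …
    }
  '' + ''
    # … unchanged: the _matrix/_synapse location the else branch already carries …
  '';
  # … unchanged: remaining virtual-host settings from the else branch …
};
```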
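Review bot: Nothing in the diff ties the `syncv3` role and database created in the `ensureUsers` hunk (and the `"syncv3"` entry added to `ensureDatabases` in the hunk above it) to the connection string sliding-sync will use: the module's `environment` only sets `HOME`, `SYNCV3_BINDADDR` and `SYNCV3_SERVER`, so the database URL has to come from the `sliding_sync_env` secret, and a mismatch between that secret and these names surfaces only at service start. A one-line comment on the new entry makes the coupling visible: `# must match the database named in the sliding_sync_env secret (SYNCV3_DB); role and database share the name so ensurePermissions applies`. The entry follows the existing `gotosocial` one, which is the right call for consistency; on NixOS releases where `ensurePermissions` is deprecated, `ensureDBOwnership = true` is the replacement for both.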
@@ -0,0 +1,96 @@
+{ lib, config, pkgs, inputs, ... }:
+let cfg = config.services.sliding-sync;
+in {
+ options = with lib; {
+ services.sliding-sync = {
+ enable = lib.mkEnableOption "Enable sliding-sync";
+
+ user = mkOption {
+ type = with types; oneOf [ str int ];
+ default = "syncv3";
+ description = ''
+ The user the service will use.
+ '';
+ };
+
+ group = mkOption {
+ type = with types; oneOf [ str int ];
+ default = "syncv3";
+ description = ''
+ The group the service will use.
+ '';
+ };
+
+ dataDir = mkOption {
+ type = types.path;
+ default = "/var/lib/sliding-sync";
+ description = "Path sliding-sync home directory";
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.sliding-sync;
+ defaultText = literalExpression "pkgs.sliding-sync";
+ description = "The package to use for sliding-sync";
+ };
+
+ port = mkOption {
+ type = types.int;
+ default = 8098;
+ description = "The port sliding-sync should listen on.";
+ };
+
+ address = mkOption {
+ type = types.str;
+ default = "127.0.0.1";
+ description = "The address sliding-sync should listen on.";
+ };
+
+ server = mkOption {
+ type = types.str;
+ default = "";
+ description = "The matrix server to talk to.";
+ };
+
+ envFile = mkOption {
+ type = types.path;
+ default = "/run/secrets/sliding_sync_env";
+ description = ''
+ Path to a file containing the sliding-sync secret information.
+ '';
+ };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ users.groups.${cfg.group} = { };
+ users.users.${cfg.user} = {
+ description = "sliding-sync service user";
+ isSystemUser = true;
+ home = "${cfg.dataDir}";
+ createHome = true;
+ group = "${cfg.group}";
+ };
+
+ systemd.services.sliding-sync = {
+ enable = true;
+ description = "sliding-sync server";
+ wantedBy = [ "network-online.target" ];
+ after = [ "network-online.target" "matrix-synapse.service" ];
+
+ environment = {
+ HOME = "${cfg.dataDir}";
+ SYNCV3_BINDADDR = "${cfg.address}:${toString cfg.port}";
+ SYNCV3_SERVER = cfg.server;
+ };
+
+ serviceConfig = {
+ User = cfg.user;
+ Group = cfg.group;
+
+ ExecStart = "${cfg.package}/bin/syncv3";
+ EnvironmentFile = cfg.envFile;
+ };
+ };
+ };
+}
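Review bot: `wantedBy = [ "network-online.target" ];` in `systemd.services.sliding-sync` does not pull the service into the boot transaction; a daemon is wanted by `multi-user.target`, and the network dependency already expressed in `after` belongs in `wants = [ "network-online.target" ];`. The `user` and `group` options are typed `oneOf [ str int ]`, but `users.users.${cfg.user}` and `users.groups.${cfg.group}` use the value as an attribute name, which fails for an integer, so `type = types.str;` is the honest type (and `types.port` fits `port` better than `types.int`). `mkEnableOption` already prefixes "Whether to enable", so `enable = lib.mkEnableOption "sliding-sync";` reads correctly, and the `inputs` module argument is unused. Since the unit is a network-facing proxy running with a long-lived secret in its environment, a restart policy and the usual sandboxing directives round out `serviceConfig`; `ReadWritePaths` keeps `cfg.dataDir` writable under `ProtectSystem = "strict"`.
```nix
systemd.services.sliding-sync = {
  enable = true;
  description = "sliding-sync server";
  wantedBy = [ "multi-user.target" ];
  wants = [ "network-online.target" ];
  after = [ "network-online.target" "matrix-synapse.service" ];
  # … unchanged: environment …
  serviceConfig = {
    User = cfg.user;
    Group = cfg.group;
    ExecStart = "${cfg.package}/bin/syncv3";
    EnvironmentFile = cfg.envFile;
    Restart = "on-failure";
    # The proxy only needs its own data directory writable.
    NoNewPrivileges = true;
    PrivateTmp = true;
    ProtectSystem = "strict";
    ReadWritePaths = [ cfg.dataDir ];
  };
};
```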