diff --git a/nixos/roles/matrix-homeserver/synapse.nix b/nixos/roles/matrix-homeserver/synapse.nix
index 9eb6dc4a..2aa51ef2 100644
--- a/nixos/roles/matrix-homeserver/synapse.nix
+++ b/nixos/roles/matrix-homeserver/synapse.nix
@@ -17,13 +17,26 @@ in {
       public_baseurl = "https://${fqdn}";
       url_preview_enabled = mkDefault true;
       enable_registration = mkDefault false;
-      enable_metrics = mkDefault false;
+      enable_metrics = mkDefault true;
       report_stats = mkDefault false;
       dynamic_thumbnails = mkDefault true;
       registration_shared_secret = "!!MATRIX_SHARED_REGISTRATION_SECRET!!";
       allow_guest_access = mkDefault true;
       suppress_key_server_warning = mkDefault true;
       listeners = [
+        {
+          port = 8009;
+          bind_addresses = ["::1"];
+          type = "http";
+          tls = false;
+          x_forwarded = true;
+          resources = [
+            {
+              names = ["metrics"];
+              compress = true;
+            }
+          ];
+        }
         {
           port = 8008;
           bind_addresses = ["::1"];
diff --git a/nixos/roles/monitoring-server/nginx.nix b/nixos/roles/monitoring-server/nginx.nix
index 2f5f5e74..6217325a 100644
--- a/nixos/roles/monitoring-server/nginx.nix
+++ b/nixos/roles/monitoring-server/nginx.nix
@@ -1,5 +1,7 @@
 {config, ...}: {
   services.nginx.virtualHosts.${config.services.grafana.settings.server.domain} = {
+    enableACME = true;
+    forceSSL = true;
     locations."/" = {
       proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";
       proxyWebsockets = true;
diff --git a/nixos/roles/monitoring-server/prometheus.nix b/nixos/roles/monitoring-server/prometheus.nix
index 6bfce084..43c32950 100644
--- a/nixos/roles/monitoring-server/prometheus.nix
+++ b/nixos/roles/monitoring-server/prometheus.nix
@@ -9,6 +9,9 @@
         port = 9002;
       };
     };
+    ruleFiles = [
+      ./synapse-v2.rules
+    ];
     scrapeConfigs = [
       {
         job_name = "${config.networking.hostName}";
@@ -18,6 +21,15 @@
           }
         ];
       }
+      {
+        job_name = "${config.networking.hostName}-synapse";
+        metrics_path = "/_synapse/metrics";
+        static_configs = [
+          {
+            targets = ["[::1]:8009"];
+          }
+        ];
+      }
     ];
   };
 }
diff --git a/nixos/roles/monitoring-server/synapse-v2.rules b/nixos/roles/monitoring-server/synapse-v2.rules
new file mode 100644
index 00000000..eb6892a2
--- /dev/null
+++ b/nixos/roles/monitoring-server/synapse-v2.rules
@@ -0,0 +1,74 @@
+groups:
+- name: synapse
+  rules:
+
+  ###
+  ### Prometheus Console Only
+  ### The following rules are only needed if you use the Prometheus Console
+  ### in contrib/prometheus/consoles/synapse.html
+  ###
+  - record: 'synapse_federation_client_sent'
+    labels:
+      type: "EDU"
+    expr: 'synapse_federation_client_sent_edus_total + 0'
+  - record: 'synapse_federation_client_sent'
+    labels:
+      type: "PDU"
+    expr: 'synapse_federation_client_sent_pdu_destinations_count_total + 0'
+  - record: 'synapse_federation_client_sent'
+    labels:
+      type: "Query"
+    expr: 'sum(synapse_federation_client_sent_queries) by (job)'
+
+  - record: 'synapse_federation_server_received'
+    labels:
+      type: "EDU"
+    expr: 'synapse_federation_server_received_edus_total + 0'
+  - record: 'synapse_federation_server_received'
+    labels:
+      type: "PDU"
+    expr: 'synapse_federation_server_received_pdus_total + 0'
+  - record: 'synapse_federation_server_received'
+    labels:
+      type: "Query"
+    expr: 'sum(synapse_federation_server_received_queries) by (job)'
+
+  - record: 'synapse_federation_transaction_queue_pending'
+    labels:
+      type: "EDU"
+    expr: 'synapse_federation_transaction_queue_pending_edus + 0'
+  - record: 'synapse_federation_transaction_queue_pending'
+    labels:
+      type: "PDU"
+    expr: 'synapse_federation_transaction_queue_pending_pdus + 0'
+  ###
+  ### End of 'Prometheus Console Only' rules block
+  ###
+
+
+  ###
+  ### Grafana Only
+  ### The following rules are only needed if you use the Grafana dashboard
+  ### in contrib/grafana/synapse.json
+  ###
+  - record: synapse_storage_events_persisted_by_source_type
+    expr: sum without(type, origin_type, origin_entity) (synapse_storage_events_persisted_events_sep_total{origin_type="remote"})
+    labels:
+      type: remote
+  - record: synapse_storage_events_persisted_by_source_type
+    expr: sum without(type, origin_type, origin_entity) (synapse_storage_events_persisted_events_sep_total{origin_entity="*client*",origin_type="local"})
+    labels:
+      type: local
+  - record: synapse_storage_events_persisted_by_source_type
+    expr: sum without(type, origin_type, origin_entity) (synapse_storage_events_persisted_events_sep_total{origin_entity!="*client*",origin_type="local"})
+    labels:
+      type: bridges
+
+  - record: synapse_storage_events_persisted_by_event_type
+    expr: sum without(origin_entity, origin_type) (synapse_storage_events_persisted_events_sep_total)
+
+  - record: synapse_storage_events_persisted_by_origin
+    expr: sum without(type) (synapse_storage_events_persisted_events_sep_total)
+  ###
+  ### End of 'Grafana Only' rules block
+  ###
\ No newline at end of file