Just one thing the author @gonzalo may have missed: It is possible to run a matrix server under the main domain.
The approach is to set it all up under its own subdomain matrix.example.org and then expose a .well-known or DNS SRV entry on the main domain pointing at it (see the standard).
Very nice and concise article. I do wonder a bit about postgres - why not use a Unix socket rather than tcp/ip over loop back?
sure it is possible, I found it more convenient to do it on it’s own subdomain, but the structure is the same as you said. thanks.