diff --git a/configuration/hardware-specific/hetzner/disko.nix b/configuration/hardware-specific/hetzner/disko.nix index 7e1acd7..6b769d2 100644 --- a/configuration/hardware-specific/hetzner/disko.nix +++ b/configuration/hardware-specific/hetzner/disko.nix @@ -80,7 +80,7 @@ inherit mountOptions; mountpoint = "/var"; }; - "/volume/var/lib/private/matrix-conduit" = { + "/volume/var/lib/private/continuwuity" = { mountOptions = [ # Explicitly don't compress here, since # conduwuit's database does compression by @@ -89,7 +89,7 @@ # if btrfs compresses it) "noatime" ]; - mountpoint = "/var/lib/private/matrix-conduit"; + mountpoint = "/var/lib/private/continuwuity"; }; "/volume/nix-store" = { inherit mountOptions; diff --git a/configuration/services/conduit/default.nix b/configuration/services/conduit/default.nix index a4c91d3..e1a5f60 100644 --- a/configuration/services/conduit/default.nix +++ b/configuration/services/conduit/default.nix @@ -7,7 +7,7 @@ let inherit (lib.strings) concatMapStringsSep; - cfg = config.services.matrix-conduit; + cfg = config.services.matrix-continuwuity; domain = "matrix.${config.services.nginx.domain}"; turn-realm = "turn.${config.services.nginx.domain}"; in @@ -45,14 +45,14 @@ in }; services = { - matrix-conduit = { + matrix-continuwuity = { enable = true; package = pkgs.matrix-continuwuity; settings.global = { - address = "127.0.0.1"; + address = [ "127.0.0.1" ]; server_name = domain; new_user_displayname_suffix = "🦆"; - allow_check_for_updates = true; + turn_secret_file = "/run/credentials/continuwuity.service/turn-secret"; # Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended # This is primarily to make sliding sync work 
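Review bot: The new `turn_secret_file` entry expects its credential file to hold only the bare shared secret, but the credential it is fed (`config.sops.secrets."turn/env".path`, wired through `LoadCredential` in the next hunk of this file) was previously consumed via `EnvironmentFile`, which suggests that sops entry contains `KEY=value` lines rather than a raw value. Unless the entry was re-encoded in the same change, continuwuity will read the whole `NAME=value` line as the TURN secret and the time-limited TURN credentials it issues will never validate against coturn's shared secret, which is a silent failure rather than a startup error. I would either feed it a secret that holds the raw value, e.g. pair `turn_secret_file = "/run/credentials/continuwuity.service/turn-secret";` with a `turn/secret` sops entry, or add a comment on this line stating that `turn/env` now contains only the bare secret. The `settings.global` attrset continues past the end of this hunk.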
@@ -173,35 +173,30 @@ in locations = { "/_matrix" = { - proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}"; + proxyPass = "http://${lib.head cfg.settings.global.address}:${toString cfg.settings.global.port}"; # Recommended by conduit extraConfig = '' proxy_buffering off; ''; }; "/.well-known/matrix" = { - proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}"; + proxyPass = "http://${lib.head cfg.settings.global.address}:${toString cfg.settings.global.port}"; }; }; }; backups.conduit = { user = "root"; - paths = [ "/var/lib/private/matrix-conduit/" ]; + paths = [ "/var/lib/private/matrix-continuwuity/" ]; # Other services store their data in conduit, so no other services # need to be shut down currently. - pauseServices = [ "conduit.service" ]; + pauseServices = [ "continuwuity.service" ]; }; }; - systemd.services.conduit.serviceConfig = { - ExecStart = lib.mkForce "${config.services.matrix-conduit.package}/bin/conduwuit"; - # Pass in the TURN secret via EnvironmentFile, not supported by - # upstream module currently. - # - # See also https://gitlab.com/famedly/conduit/-/issues/314 - EnvironmentFile = config.sops.secrets."turn/env".path; - }; + systemd.services.continuwuity.serviceConfig.LoadCredential = "turn-secret:${ + config.sops.secrets."turn/env".path + }"; systemd.services.coturn.serviceConfig.SupplementaryGroups = [ config.security.acme.certs."tlater.net".group diff --git a/configuration/services/conduit/heisenbridge.nix b/configuration/services/conduit/heisenbridge.nix index 5441639..0fe6bc5 100644 --- a/configuration/services/conduit/heisenbridge.nix +++ b/configuration/services/conduit/heisenbridge.nix @@ -5,7 +5,7 @@ ... }: let - conduitCfg = config.services.matrix-conduit; + conduitCfg = config.services.matrix-continuwuity; matrixLib = pkgs.callPackage ./lib.nix { }; in { 
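Review bot: The backup path `"/var/lib/private/matrix-continuwuity/"` in `backups.conduit` does not match the state directory this same commit mounts in `disko.nix`, `/var/lib/private/continuwuity`; the two cannot both be right. If the service's state directory is `continuwuity` (which the `continuwuity.service` unit name used in `pauseServices` and `LoadCredential` suggests), the backup job is archiving a path the server never writes to, a restore would come back empty, and nothing here would fail loudly. I would change the line to `paths = [ "/var/lib/private/continuwuity/" ];` and, to stop the two from drifting again, derive both the backup path and the disko mountpoint from one shared value rather than repeating the string. This hunk ends inside the `systemd.services.coturn.serviceConfig.SupplementaryGroups` list, which continues past the hunk.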
@@ -36,7 +36,7 @@ in { description = "Matrix<->IRC bridge"; wantedBy = [ "multi-user.target" ]; - after = [ "conduit.service" ]; + after = [ "continuwuity.service" ]; serviceConfig = { Type = "exec"; diff --git a/configuration/services/crowdsec.nix b/configuration/services/crowdsec.nix index 819403d..99eaa11 100644 --- a/configuration/services/crowdsec.nix +++ b/configuration/services/crowdsec.nix @@ -65,7 +65,7 @@ whitelist = { reason = "whitelist false positive for matrix"; expression = [ - "evt.Overflow.Alert.Events[0].GetMeta('target_fqdn') == '${config.services.matrix-conduit.settings.global.server_name}'" + "evt.Overflow.Alert.Events[0].GetMeta('target_fqdn') == '${config.services.matrix-continuwuity.settings.global.server_name}'" "evt.Overflow.Alert.GetScenario() in ['crowdsecurity/http-probing', 'crowdsecurity/http-crawl-non_statics']" ]; };