diff --git a/configuration/services/conduit.nix b/configuration/services/conduit.nix
index 13be08f..b60b668 100644
--- a/configuration/services/conduit.nix
+++ b/configuration/services/conduit.nix
@@ -1,10 +1,4 @@
-{
- config,
- lib,
- ...
-}: let
- inherit (lib.strings) concatMapStringsSep;
-
+{config, ...}: let
 cfg = config.services.matrix-conduit;
 domain = "matrix.${config.services.nginx.domain}";
 turn-realm = "turn.${config.services.nginx.domain}";
@@ -22,6 +16,8 @@ in {
 in [
 "turn:${address}?transport=udp"
 "turn:${address}?transport=tcp"
+ "turns:${tls-address}?transport=udp"
+ "turns:${tls-address}?transport=tcp"
 ];
 };
 };
@@ -72,9 +68,11 @@ in {
 denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
 denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
 denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+ allowed-peer-ip=178.79.137.55
- # *Allow* any IP addresses that we explicitly set as relay IPs
- ${concatMapStringsSep "\n" (ip: "allowed-peer-ip=${ip}") config.services.coturn.relay-ips}
+ # Limit number of rooms
+ user-quota=12
+ total-quota=36
 # Various other security settings
 no-tlsv1
diff --git a/flake.nix b/flake.nix
index 2dc31c0..f190d89 100644
--- a/flake.nix
+++ b/flake.nix
@@ -72,15 +72,13 @@
 lib = nixpkgs.lib;
 };
- ###################
- # Utility scripts #
- ###################
- packages.${system} = let
+ ####################
+ # VM launch script #
+ ####################
+ apps.${system} = let
 inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
 in {
- default = self.packages.${system}.run-vm;
-
- run-vm = let
+ default = let
 vm = self.lib.makeNixosSystem {
 inherit system;
 extraModules = [(import ./configuration/hardware-specific/vm.nix)];
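Review bot: In the `@@ -22,6 +16,8 @@` hunk of conduit.nix, the two new `turns:${tls-address}` entries depend on `tls-address`, whose definition lies outside the hunk, and on coturn actually serving TLS and DTLS at that address; neither is visible here. `turns:` with `transport=udp` means DTLS, so it only works if the coturn instance has a certificate and a TLS listening port configured, DTLS is not disabled, and the firewall opens that port for UDP as well as TCP. A short comment above the list would record the dependency, for example `# turns: = TURN over TLS (tcp) / DTLS (udp); needs coturn cert and TLS port open on tcp+udp`. The plain `turn:` URIs remain in the list, so clients can still select the unencrypted control channel.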
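Review bot: In the `@@ -72,9 +68,11 @@` hunk of conduit.nix, `allowed-peer-ip=178.79.137.55` hard-codes an exemption from the `denied-peer-ip` ranges, and the comment that explained the exemption is removed along with the generated lines. The old form derived the entries from `config.services.coturn.relay-ips`, so the exemption could not drift from the relay addresses; with a literal, a changed or additional relay address leaves a stale peer allowed and the real one denied. If the literal is intentional, keep the explanation next to it, e.g. `# Allow our own relay IP (keep in sync with the coturn relay address)`. Separately, `# Limit number of rooms` does not describe the options below it: coturn's `user-quota` and `total-quota` cap allocations per user and overall, so `# Limit TURN allocations (per user / overall)` would be more accurate.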
@@ -93,33 +91,23 @@
 "8448" = "8448"; # Matrix
 "21025" = "21025"; # Starbound
 };
- in
- writeShellScript "run-vm" ''
+ in {
+ type = "app";
+ program = builtins.toString (writeShellScript "run-vm" ''
 export QEMU_OPTS="-m 3941 -smp 2 -display curses"
 export QEMU_NET_OPTS="${qemuNetOpts}"
 "${vm.config.system.build.vm}/bin/run-tlaternet-vm"
- '';
+ '');
+ };
 update-nextcloud-apps = let
 nvfetcher-bin = "${nvfetcher.defaultPackage.${system}}/bin/nvfetcher";
- in
- writeShellScript "update-nextcloud-apps" ''
+ in {
+ type = "app";
+ program = builtins.toString (writeShellScript "update-nextcloud-apps" ''
 cd "$(git rev-parse --show-toplevel)/pkgs"
 ${nvfetcher-bin} -o _sources_nextcloud -c nextcloud-apps.toml
- '';
- };
-
- apps.${system} = let
- inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
- in {
- default = {
- type = "app";
- program = builtins.toString self.packages.${system}.run-vm;
- };
-
- update-nextcloud-apps = {
- type = "app";
- program = builtins.toString self.packages.${system}.update-nextcloud-apps;
+ '');
 };
 };
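Review bot: In the `update-nextcloud-apps` program, the `cd "$(git rev-parse --show-toplevel)/pkgs"` line is unchecked and `writeShellScript` does not enable `errexit`; these are context lines, but after this change the script is reachable only through this app. When the app is run outside a git checkout, `git rev-parse` fails, the `cd` targets `/pkgs` and fails as well, and nvfetcher still runs and writes `_sources_nextcloud` into whatever directory it was started from. Because that output presumably holds the pinned sources for the Nextcloud apps, the script should stop instead of continuing: add `set -euo pipefail` as its first line, or write `cd "$(git rev-parse --show-toplevel)/pkgs" || exit 1`. The enclosing attribute set starts outside this hunk.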