diff --git a/hosts/jabber/default.nix b/hosts/jabber/default.nix
index 623aba2f..9af36825 100644
--- a/hosts/jabber/default.nix
+++ b/hosts/jabber/default.nix
@@ -163,8 +163,8 @@ in
           '';
         in
         /* lua */ ''
-          legacy_ssl_ports = { 5223 }
-          legacy_ssl_ssl = {
+          c2s_direct_tls_ports = { 5223 }
+          c2s_direct_tls_ssl = {
             key = "/var/lib/acme/${domain}/key.pem",
             certificate = "/var/lib/acme/${domain}/fullchain.pem",
           }
@@ -193,21 +193,14 @@ in
           http_upload_expire_after = 60 * 60 * 24 * 7 -- a week in seconds
           cross_domain_bosh = true -- Allow access from scripts on any site with no proxy (requires a modern browser)
 
+          external_service_password = coturnPassword;
+          external_service_port = "3478";
+          external_service_transport = "udp";
+          external_service_type = "turn";
+          external_service_username = coturnUser;
           external_services = {
-            ["turn.${domain}"] = {
-              username = "${coturnUser}";
-              password = "${coturnPassword}";
-              port = "3478";
-              transport = "udp";
-              type = "turn";
-            };
-            ["${zentralwerk.lib.config.site.hosts.upstream4.interfaces.up4-pppoe.upstream.staticIpv4Address}"] = {
-              username = "${coturnUser}";
-              password = "${coturnPassword}";
-              port = "3478";
-              transport = "udp";
-              type = "turn";
-            };
+            { host = "turn.${domain}" }
+            { host = zentralwerk.lib.dns.publicIPv4 }
           }
 
           -- File-transfer proxies are an outdated technology