diff --git a/matrix/nginx/README.md b/matrix/nginx/README.md
index cfcec99..03715b9 100644
--- a/matrix/nginx/README.md
+++ b/matrix/nginx/README.md
@@ -140,22 +140,20 @@ another vhost, something like this:
 ```
 server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- ssl_certificate
-/etc/letsencrypt/live/admin.example.procolix.com/fullchain.pem;
- ssl_certificate_key
-/etc/letsencrypt/live/admin.example.procolix.com/privkey.pem;
- include /etc/letsencrypt/options-ssl-nginx.conf;
- ssl_dhparam /etc/ssl/dhparams.pem;
-
- server_name admin.example.procolix.com;
-
- root /var/www/synapse-admin;
-
- access_log /var/log/nginx/admin-example-access.log;
- error_log /var/log/nginx/admin-example-error.log;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ssl_certificate /etc/letsencrypt/live/admin.example.com/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/admin.example.com/privkey.pem;
+ include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_dhparam /etc/ssl/dhparams.pem;
+
+ server_name admin.example.com;
+
+ root /var/www/synapse-admin;
+
+ access_log /var/log/nginx/admin-access.log;
+ error_log /var/log/nginx/admin-error.log;
 }
 ```
@@ -170,20 +168,18 @@ In `/etc/nginx/sites-available/synapse` you want to add this bit:
 ```
 location ~ ^/_synapse/admin {
- allow 127.0.0.1;
- allow ::1;
- allow 185.206.232.60; # this host
- allow 2a00:51c0:12:1201::2a; # this host
- allow 45.142.234.216; # kantoor
- allow 2a10:3781:2bc3::/64; # kantoor
- deny all;
-
- proxy_pass http://localhost:8008;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header Host $host;
- client_max_body_size 50M;
- proxy_http_version 1.1;
+ allow 127.0.0.1;
+ allow ::1;
+ allow 111.222.111.222;
+ allow dead:beef::/64;
+ deny all;
+
+ proxy_pass http://localhost:8008;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header Host $host;
+ client_max_body_size 50M;
+ proxy_http_version 1.1;
 }
 ```
@@ -200,30 +196,42 @@ Then create a virtual host much like this:
 ```
 server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- ssl_certificate /etc/letsencrypt/live/livekit.matrixdev.example.com/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/livekit.matrixdev.example.com/privkey.pem;
- include /etc/letsencrypt/options-ssl-nginx.conf;
- ssl_dhparam /etc/ssl/dhparams.pem;
-
- server_name livekit.matrixdev.example.com;
-
- # This is lk-jwt-service
- location ~ ^(/sfu/get|/healthz) {
- proxy_pass http://[::1]:8080;
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Server $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
-
- access_log /var/log/nginx/livekit.matrixdev-access.log;
- error_log /var/log/nginx/livekit.matrixdev-error.log;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ssl_certificate /etc/letsencrypt/live/livekit.example.com/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/livekit.example.com/privkey.pem;
+ include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_dhparam /etc/ssl/dhparams.pem;
+
+ server_name livekit.example.com;
+
+ # This is lk-jwt-service
+ location ~ ^(/sfu/get|/healthz) {
+ proxy_pass http://[::1]:8080;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+
+ location / {
+ proxy_pass http://[::1]:7880;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header Upgrade $http_upgrade;
+ #add_header Access-Control-Allow-Origin "*" always;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+
+ access_log /var/log/nginx/livekit-access.log;
+ error_log /var/log/nginx/livekit-error.log;
 }
-
 ```
@@ -234,24 +242,38 @@ should be the configuration to publish that:
 ```
 server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- ssl_certificate
-/etc/letsencrypt/live/call.matrixdev.example.com/fullchain.pem;
- ssl_certificate_key
-/etc/letsencrypt/live/call.matrixdev.example.com/privkey.pem;
- include /etc/letsencrypt/options-ssl-nginx.conf;
- ssl_dhparam /etc/ssl/dhparams.pem;
-
- server_name call.matrixdev.example.com;
-
- root /var/www/element-call;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ssl_certificate /etc/letsencrypt/live/call.example.com/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/call.example.com/privkey.pem;
+ include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_dhparam /etc/ssl/dhparams.pem;
+
+ server_name call.example.com;
+
+ root /var/www/element-call;
+
+ location /assets {
+ add_header Cache-Control "public, immutable, max-age=31536000";
+ }
+
+ location /apple-app-site-association {
+ default_type application/json;
+ }
+
+ location /^config.json$ {
+ alias public/config.json;
+ default_type application/json;
+ }
+
+ location / {
 try_files $uri /$uri /index.html;
-
-
- access_log /var/log/nginx/call-access.log;
- error_log /var/log/nginx/call-error.log;
+ add_header Cache-Control "public, max-age=30, stale-while-revalidate=30";
+ }
+
+ access_log /var/log/nginx/call-access.log;
+ error_log /var/log/nginx/call-error.log;
 }
 ```