diff --git a/modules/cloud/conduit/default.nix b/modules/cloud/conduit/default.nix
index 20bdb1d..5651962 100644
--- a/modules/cloud/conduit/default.nix
+++ b/modules/cloud/conduit/default.nix
@@ -40,10 +40,15 @@ with lib;
   };
 
   # Serving .well-known files
+  # This is a single .well-known/matrix/server file that points to the server,
+  # which is NOT on port 8448 since Cloudflare doesn't allow us to route HTTPS
+  # through that port.
   config.services.nginx = mkIf cfg.enable {
     enable = true;
     virtualHosts.conduit-well-kwown = {
       listen = [{ addr = "127.0.0.1"; port = cfg.well-known_port; }];
+      # Check https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md
+      # for the file structure.
       root = pkgs.writeTextDir ".well-known/matrix/server" ''
         {
               "m.server": "${cfg.host}:443"