diff --git a/roles/custom/matrix-bridge-steam/defaults/main.yml b/roles/custom/matrix-bridge-steam/defaults/main.yml
index 3417f8a4d..32db51cf3 100644
--- a/roles/custom/matrix-bridge-steam/defaults/main.yml
+++ b/roles/custom/matrix-bridge-steam/defaults/main.yml
@@ -34,9 +34,16 @@ matrix_steam_bridge_appservice_port: "8080"
 matrix_steam_bridge_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 
 # A public address that external services can use to reach this appservice
-# TODO: This is probably necessary for public media?
 matrix_steam_bridge_appservice_public_address: "https://{{ matrix_server_fqn_matrix }}"
 
+# Public media configuration for external access to bridge media
+matrix_steam_bridge_public_media_enabled: true
+# A key for signing public media URLs. If set to "generate", a random key will be generated.
+matrix_steam_bridge_public_media_signing_key: "generate"
+# Number of seconds that public media URLs are valid for. If set to 0, URLs will never expire.
+matrix_steam_bridge_public_media_expiry: 0
+matrix_steam_bridge_public_media_hash_length: 32
+
 # Displayname template for Steam users
 # {{ .DisplayName }} is replaced with the display name of the Steam user
 # {{ .Username }} is replaced with the username of the Steam user
diff --git a/roles/custom/matrix-bridge-steam/templates/config.yaml.j2 b/roles/custom/matrix-bridge-steam/templates/config.yaml.j2
index 48c0cda19..9b57f0483 100644
--- a/roles/custom/matrix-bridge-steam/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-steam/templates/config.yaml.j2
@@ -284,15 +284,15 @@ provisioning:
 public_media:
     # Should public media be enabled at all?
     # The public_address field under the appservice section MUST be set when enabling public media.
-    enabled: false
+    enabled: {{ matrix_steam_bridge_public_media_enabled | to_json }}
     # A key for signing public media URLs.
     # If set to "generate", a random key will be generated.
-    signing_key: "generate"
+    signing_key: {{ matrix_steam_bridge_public_media_signing_key | to_json }}
     # Number of seconds that public media URLs are valid for.
     # If set to 0, URLs will never expire.
-    expiry: 0
+    expiry: {{ matrix_steam_bridge_public_media_expiry | to_json }}
     # Length of hash to use for public media URLs. Must be between 0 and 32.
-    hash_length: 32
+    hash_length: {{ matrix_steam_bridge_public_media_hash_length | to_json }}
 
 # Settings for converting remote media to custom mxc:// URIs instead of reuploading.
 # More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
diff --git a/roles/custom/matrix-bridge-steam/templates/labels.j2 b/roles/custom/matrix-bridge-steam/templates/labels.j2
index 707d6a66f..ad1daff10 100644
--- a/roles/custom/matrix-bridge-steam/templates/labels.j2
+++ b/roles/custom/matrix-bridge-steam/templates/labels.j2
@@ -11,6 +11,7 @@ traefik.enable=true
 traefik.docker.network={{ matrix_steam_bridge_container_labels_traefik_docker_network }}
 {% endif %}
 
+traefik.http.services.matrix-steam-bridge.loadbalancer.server.port={{ matrix_steam_bridge_appservice_port }}
 traefik.http.services.matrix-steam-bridge-metrics.loadbalancer.server.port=8000
 
 {% if matrix_steam_bridge_container_labels_metrics_enabled %}
@@ -47,6 +48,33 @@ traefik.http.routers.matrix-steam-bridge-metrics.tls.certResolver={{ matrix_stea
 {% endif %}
 
 
+{% if matrix_steam_bridge_public_media_enabled %}
+############################################################
+#                                                          #
+# Public Media                                             #
+#                                                          #
+############################################################
+
+# Router for public media with custom server identifier
+traefik.http.routers.matrix-steam-bridge-public-media.rule=Host(`{{ matrix_server_fqn_matrix }}`) && PathPrefix(`/_mautrix/publicmedia/matrix-steam-bridge/`)
+traefik.http.routers.matrix-steam-bridge-public-media.middlewares=matrix-steam-bridge-media-rewrite
+traefik.http.routers.matrix-steam-bridge-public-media.service=matrix-steam-bridge
+traefik.http.routers.matrix-steam-bridge-public-media.entrypoints={{ matrix_steam_bridge_container_labels_traefik_entrypoints }}
+traefik.http.routers.matrix-steam-bridge-public-media.tls=true
+traefik.http.routers.matrix-steam-bridge-public-media.tls.certResolver={{ matrix_steam_bridge_container_labels_traefik_tls_certResolver }}
+
+# URL rewriting middleware - converts custom server name to real homeserver
+traefik.http.middlewares.matrix-steam-bridge-media-rewrite.replacepathregex.regex=^/_mautrix/publicmedia/matrix-steam-bridge/(.*)$
+traefik.http.middlewares.matrix-steam-bridge-media-rewrite.replacepathregex.replacement=/_mautrix/publicmedia/{{ matrix_server_fqn_matrix }}/$1
+
+############################################################
+#                                                          #
+# /Public Media                                            #
+#                                                          #
+############################################################
+{% endif %}
+
+
 {% endif %}
 
 {{ matrix_steam_bridge_container_labels_additional_labels }}