diff --git a/utility-services/gitea/server.ts b/utility-services/gitea/server.ts
index cd9ce37..12a78fd 100644
--- a/utility-services/gitea/server.ts
+++ b/utility-services/gitea/server.ts
@@ -6,7 +6,7 @@ import { Construct } from "constructs";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
 
 import { OnePasswordSecret } from "../../utils";
-import { IngressRouteTcp } from "../../utils/traefik";
+import { IngressRoute, IngressRouteTcp } from "../../utils/traefik";
 
 type GiteaServerOptions = {
   providers: {
@@ -78,5 +78,16 @@ export class GiteaServer extends Construct {
       serviceName: `${options.name}-ssh`,
       servicePort: 22,
     });
+
+    new IngressRoute(this, "http-ingress", {
+      provider: kubernetes,
+      namespace: options.namespace,
+      name: options.name,
+      entryPoints: ["websecure"],
+      host: "git.dogar.dev",
+      serviceName: `${options.name}-http`,
+      servicePort: 3000,
+      tlsSecretName: `${options.name}-tls`,
+    });
   }
 }
diff --git a/utility-services/gitea/values.yaml b/utility-services/gitea/values.yaml
index 86e8a7b..c218bc1 100644
--- a/utility-services/gitea/values.yaml
+++ b/utility-services/gitea/values.yaml
@@ -10,21 +10,7 @@ service:
     annotations:
       metallb.universe.tf/allow-shared-ip: gitea
 ingress:
-  enabled: true
-  annotations:
-    cert-manager.io/cluster-issuer: cloudflare-issuer
-    cert-manager.io/acme-challenge-type: dns01
-    cert-manager.io/private-key-size: 4096
-  className: traefik
-  hosts:
-    - host: git.dogar.dev
-      paths:
-        - path: /
-          pathType: Prefix
-  tls:
-    - secretName: gitea-tls
-      hosts:
-        - git.dogar.dev
+  enabled: false
 gitea:
   podAnnotations:
     prometheus.io/scrape: "true"