apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: gitea-ingress namespace: default annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: rules: - host: &host "git.${SECRET_NEW_DOMAIN}" http: paths: - path: / pathType: Prefix backend: service: name: gitea port: number: 80 tls: - hosts: - *host secretName: wildcard-main-tls