diff --git a/gitea/values.yaml b/gitea/values.yaml
index 37b357b..345b036 100644
--- a/gitea/values.yaml
+++ b/gitea/values.yaml
@@ -130,25 +130,27 @@ service:
 ## @param ingress.hosts[0].paths[0].pathType Ingress path type
 ## @param ingress.tls Ingress tls settings
 ## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
+
 ingress:
-  enabled: false
-  # className: nginx
-  className:
-  annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: 10G
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_clear_headers "X-Powered-By";
+      more_set_headers "X-XSS-Protection: 1";
+      more_set_headers "X-Frame-Options: SAMEORIGIN";
+      more_set_headers "X-Content-Type-Options: nosniff";
+      more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
+  path: /
   hosts:
-    - host: git.example.com
-      paths:
-        - path: /
-          pathType: Prefix
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - git.example.com
-  # Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
-  # If helm doesn't correctly detect your ingress API version you can set it here.
-  # apiVersion: networking.k8s.io/v1
+    - gitea.jamma.dev
+  tls:
+   - secretName: tls-jamma-gitea
+     hosts:
+       - gitea.jamma.dev
 
 ## @section StatefulSet
 #