Remove Gitea's SSH as entrypoint/possible attackvector

ingress/Traefik2.x/chart-values.yml

@@ -1,11 +1,10 @@
 ports:
+  rtmp:
+    port: 1935
+    exposedPort: 1935
+    expose: true
   web:
-#    port: 80
-#    exposedPort: 80
     redirectTo: websecure
-#  websecure:
-#    port: 443
-#    exposedPort: 443
 
 volumes:
   - name: traefik-configmap
@@ -17,8 +16,6 @@ persistence:
   accessMode: ReadWriteMany
   path: /data
   existingClaim: "traefik"
-#  size: 1Gi
-#  subPath: 'acme.json'
 
 env:
   - name: CF_API_EMAIL

ingress/Traefik2.x/configMap_traefik.yml

@@ -9,6 +9,8 @@ data:
       checkNewVersion: true
       sendAnonymousUsage: true
     entryPoints:
+      rtmp:
+        address: :1935
       web:
         address: :8000
       websecure:
@@ -42,8 +44,6 @@ data:
     #        - "127.0.0.0/8"
     #        - "192.168.5.0/24"
     #        - "192.168.11.0/24"
-      ssh:
-        address: :2222
       traefik:
         address: :9000
     providers:

services/Gitea/deployment_Gitea.yml

@@ -7,10 +7,6 @@ spec:
     - protocol: TCP
       name: ui
       port: 3000
-    - protocol: TCP
-      name: ssh
-      port: 22
-      targetPort: ssh
   selector:
     app: gitea
 ---
@@ -45,8 +41,6 @@ spec:
         ports:
           - name: ui
             containerPort: 3000
-          - name: ssh
-            containerPort: 22
         volumeMounts:
         - mountPath: /data
           name: flexvolsmb-gitea-data
@@ -81,20 +75,6 @@ spec:
     middlewares:
       - name: security-headers@file
 ---
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRouteTCP
-metadata:
-  name: gitea
-spec:
-  entryPoints:
-    - ssh
-  routes:
-  - match: HostSNI(`*`)
-    kind: Rule
-    services:
-    - name: gitea
-      port: 22
----
 apiVersion: v1
 kind: PersistentVolume
 metadata: