diff --git a/infrastructure/controllers/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml b/infrastructure/configs/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml
similarity index 100%
rename from infrastructure/controllers/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml
rename to infrastructure/configs/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml
diff --git a/infrastructure/controllers/cert-manager/cluster-issuer-letsencrypt-prod.yaml b/infrastructure/configs/cert-manager/cluster-issuer-letsencrypt-prod.yaml
similarity index 93%
rename from infrastructure/controllers/cert-manager/cluster-issuer-letsencrypt-prod.yaml
rename to infrastructure/configs/cert-manager/cluster-issuer-letsencrypt-prod.yaml
index e4ca0f0..0fe8c7e 100644
--- a/infrastructure/controllers/cert-manager/cluster-issuer-letsencrypt-prod.yaml
+++ b/infrastructure/configs/cert-manager/cluster-issuer-letsencrypt-prod.yaml
@@ -7,7 +7,7 @@ spec:
     email: michael@michaelthomson.dev
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
-      name: letsencrypt-staging
+      name: letsencrypt-prod
     solvers:
     - selector:
         dnsZones:
diff --git a/infrastructure/configs/longhorn/ingress.yaml b/infrastructure/configs/longhorn/ingress.yaml
new file mode 100644
index 0000000..acd0fc7
--- /dev/null
+++ b/infrastructure/configs/longhorn/ingress.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: longhorn
+  namespace: longhorn-system
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  rules:
+  - host: longhorn.michaelthomson.dev
+    http:
+      paths:
+      - backend:
+          service:
+            name: longhorn-frontend
+            port:
+              number: 80
+        path: /
+        pathType: ImplementationSpecific
+  tls:
+  - hosts:
+    - longhorn.michaelthomson.dev
+    secretName: longhorn-tls
diff --git a/infrastructure/controllers/longhorn/release.yaml b/infrastructure/controllers/longhorn/release.yaml
index a6fb6c0..5e05319 100644
--- a/infrastructure/controllers/longhorn/release.yaml
+++ b/infrastructure/controllers/longhorn/release.yaml
@@ -32,12 +32,4 @@ spec:
       restoreVolumeRecurringJobs: true
 
     ingress:
-      enabled: true
-      ingressClassName: traefik
-      host: longhorn.michaelthomson.dev
-      tls: true
-      secureBackends: true
-      tlsSecret: letsencrypt-wildcard-cert-michaelthomson.dev
-      annotations:
-        traefik.ingress.kubernetes.io/router.tls: "true"
-        traefik.ingress.kubernetes.io/router.entrypoints: websecure
+      enabled: false
diff --git a/infrastructure/controllers/traefik/release.yaml b/infrastructure/controllers/traefik/release.yaml
index 6077fee..5501c90 100644
--- a/infrastructure/controllers/traefik/release.yaml
+++ b/infrastructure/controllers/traefik/release.yaml
@@ -19,13 +19,7 @@ spec:
         allowCrossNamespace: true
     ingressRoute:
       dashboard:
-        enabled: true
-        matchRule: Host(`server.michaelthomson.dev`)
-        entryPoints: ["websecure"]
-        tls:
-          secretName: letsencrypt-wildcard-cert-michaelthomson.dev
-          domains:
-            - main: server.michaelthomson.dev
+        enabled: false
     ports:
       websecure:
         transport: