diff --git a/deploy/infra/network-policies.yaml b/deploy/infra/network-policies.yaml
index 0ef28ac..8319a04 100644
--- a/deploy/infra/network-policies.yaml
+++ b/deploy/infra/network-policies.yaml
@@ -12,6 +12,25 @@ spec:
               values:
                 - git-limbosolutions-com
 
+    
+---
+
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: allow-ssh-to-gitea
+spec:
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/name: gitea
+
+  ingress:
+    - fromCIDRSet:
+        - cidr: 0.0.0.0/0
+      toPorts:
+        - ports:
+            - port: "2222"
+              protocol: TCP
 ---
 
 apiVersion: cilium.io/v2
@@ -40,13 +59,3 @@ spec:
             - port: "3000"
               protocol: TCP
 
-    # -------------------------------------------------------------
-    # Allow SSH (2222)
-    # -------------------------------------------------------------
-    - fromCIDRSet:
-        - cidr: 0.0.0.0/0
-      toPorts:
-        - ports:
-            - port: "2222"
-              protocol: TCP
-