diff --git a/k8s/http-ingress/external-services.yaml b/k8s/http-ingress/external-services.yaml
new file mode 100644
index 0000000..7a8cf79
--- /dev/null
+++ b/k8s/http-ingress/external-services.yaml
@@ -0,0 +1,29 @@
+# ceph-dashboard.home.finn.io
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: ceph-dashboard.home.finn.io
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`ceph-dashboard.k8s.home.finn.io`) && PathPrefix(`/`)
+      kind: Rule
+      services:
+        - name: ceph-dashboard-home-finn-io
+          kind: Service
+          port: 80
+      middlewares:
+        - name: kube-system-traefik-forward-auth@kubernetescrd
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ceph-dashboard-home-finn-io
+spec:
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ExternalName
+  externalName: 10.5.1.219
diff --git a/k8s/http-ingress/kustomization.yaml b/k8s/http-ingress/kustomization.yaml
new file mode 100644
index 0000000..c13b084
--- /dev/null
+++ b/k8s/http-ingress/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: http-ingress
+resources:
+  - namespace.yaml
+  - external-services.yaml
diff --git a/k8s/http-ingress/namespace.yaml b/k8s/http-ingress/namespace.yaml
new file mode 100644
index 0000000..557f3ca
--- /dev/null
+++ b/k8s/http-ingress/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: http-ingress
diff --git a/k8s/system/traefik-dashboard.yaml b/k8s/system/traefik-dashboard.yaml
index 951f331..4d0a45c 100644
--- a/k8s/system/traefik-dashboard.yaml
+++ b/k8s/system/traefik-dashboard.yaml
@@ -1,4 +1,4 @@
-apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
   name: traefik-dashboard
diff --git a/k8s/system/traefik-helm-chart.yaml b/k8s/system/traefik-helm-chart.yaml
index 06f3495..e685289 100644
--- a/k8s/system/traefik-helm-chart.yaml
+++ b/k8s/system/traefik-helm-chart.yaml
@@ -33,6 +33,7 @@ spec:
     providers:
       kubernetesCRD:
         allowCrossNamespace: true
+        allowExternalNameServices: true
     logs:
       access:
         enabled: true
diff --git a/talos/k8s/rook/dashboard.yaml b/talos/k8s/rook/dashboard.yaml
new file mode 100644
index 0000000..f5164c3
--- /dev/null
+++ b/talos/k8s/rook/dashboard.yaml
@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ceph-dashboard.k8s.home.finn.io
+  labels:
+    name: ceph-dashboard.k8s.home.finn.io
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt
+spec:
+  rules:
+    - host: ceph-dashboard.k8s.home.finn.io
+      http:
+        paths:
+          - pathType: Prefix
+            path: /
+            backend:
+              service:
+                name: rook-ceph-mgr-dashboard
+                port:
+                  number: 7000
diff --git a/talos/k8s/rook/kustomization.yaml b/talos/k8s/rook/kustomization.yaml
index f3896f3..2c17cf7 100644
--- a/talos/k8s/rook/kustomization.yaml
+++ b/talos/k8s/rook/kustomization.yaml
@@ -3,5 +3,7 @@ kind: Kustomization
 namespace: rook-ceph
 resources:
   - buckets.yaml
+  - dashboard.yaml
+  - filesystems.yaml
   - s3-pool.yaml
   - servicemonitor.yaml