diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml
index 8b2d227ec..58d12aa23 100644
--- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml
+++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml
@@ -357,23 +357,6 @@ spec:
             runAsNonRoot: true
             seccompProfile:
               type: RuntimeDefault
-        - command:
-            - /var/run/argocd/argocd-cmp-server
-          image: ghcr.io/akuity/cdk8s-cmp-typescript:1.0
-          name: cmp-cdk8s
-          securityContext:
-            runAsNonRoot: true
-            runAsUser: 999
-          volumeMounts:
-            - mountPath: /var/run/argocd
-              name: var-files
-            - mountPath: /home/argocd/cmp-server/plugins
-              name: plugins
-            - mountPath: /home/argocd/cmp-server/config/plugin.yaml
-              name: argocd-cmp-cm
-              subPath: cdk8s.yaml
-            - mountPath: /tmp
-              name: cmp-tmp
       initContainers:
         - command:
             - /bin/cp
@@ -408,11 +391,6 @@ spec:
       nodeSelector:
         kubernetes.io/os: linux
       volumes:
-        - configMap:
-            name: argocd-cmp-cm
-          name: argocd-cmp-cm
-        - emptyDir: {}
-          name: cmp-tmp
         - name: helm-working-dir
           emptyDir: {}
         - name: plugins
diff --git a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml
new file mode 100644
index 000000000..bf9ac7044
--- /dev/null
+++ b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml
@@ -0,0 +1,35 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: argocd-gitea-repo-infrastructure-secret
+  namespace: argocd
+  labels:
+    app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret
+    app.kubernetes.io/instance: argocd
+    app.kubernetes.io/part-of: argocd
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: type
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/argocd/credentials/repo/infrastructure
+        metadataPolicy: None
+        property: type
+    - secretKey: url
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/argocd/credentials/repo/infrastructure
+        metadataPolicy: None
+        property: url
+    - secretKey: sshPrivateKey
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/argocd/credentials/repo/infrastructure
+        metadataPolicy: None
+        property: sshPrivateKey
diff --git a/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml b/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml
new file mode 100644
index 000000000..c19a69d4f
--- /dev/null
+++ b/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml
@@ -0,0 +1,32 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: argocd-server
+  namespace: argocd
+  labels:
+    helm.sh/chart: argo-cd-9.1.9
+    app.kubernetes.io/name: argocd-server
+    app.kubernetes.io/instance: argocd
+    app.kubernetes.io/component: server
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/part-of: argocd
+    app.kubernetes.io/version: "v3.2.2"
+spec:
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  hostnames:
+    - argocd.alexlebens.net
+  rules:
+    - matches:
+        - path:
+            type: PathPrefix
+            value: /
+      backendRefs:
+        - group: ''
+          kind: Service
+          name: argocd-server
+          port: 80
+          weight: 1