diff --git a/clusters/cl01tl/management/headlamp/templates/http-route.yaml b/clusters/cl01tl/management/headlamp/templates/http-route.yaml
index 2bf5c21b5..85552de0e 100644
--- a/clusters/cl01tl/management/headlamp/templates/http-route.yaml
+++ b/clusters/cl01tl/management/headlamp/templates/http-route.yaml
@@ -14,6 +14,7 @@ spec:
     - group: gateway.networking.k8s.io
       kind: Gateway
       name: https-gateway
+      namespace: kube-system
   hostnames:
     - headlamp.alexlebens.net
   rules:
@@ -26,3 +27,4 @@ spec:
           kind: Service
           name: headlamp
           port: 80
+          weight: 1
diff --git a/clusters/cl01tl/management/headlamp/templates/namespace.yaml b/clusters/cl01tl/management/headlamp/templates/namespace.yaml
new file mode 100644
index 000000000..034e09860
--- /dev/null
+++ b/clusters/cl01tl/management/headlamp/templates/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: headlamp
+  labels:
+    https-gateway-access: "true"
diff --git a/clusters/cl01tl/standalone/cilium/templates/gateway.yaml b/clusters/cl01tl/standalone/cilium/templates/gateway.yaml
index 280237aef..3c5964c0b 100644
--- a/clusters/cl01tl/standalone/cilium/templates/gateway.yaml
+++ b/clusters/cl01tl/standalone/cilium/templates/gateway.yaml
@@ -18,6 +18,12 @@ spec:
       protocol: HTTPS
       port: 443
       hostname: '*.alexlebens.net'
+      allowedRoutes:
+        namespaces:
+          from: Selector
+          selector:
+            matchLabels:
+              http-gateway-access: "true"
       tls:
         certificateRefs:
           - group: ''