diff --git a/contour/resources/default_gateway.yaml b/contour/resources/default_gateway.yaml
index d66e54c..aff722d 100644
--- a/contour/resources/default_gateway.yaml
+++ b/contour/resources/default_gateway.yaml
@@ -79,6 +79,21 @@ spec:
         certificateRefs:
           - name: vikunja-tls
 
+    - name: harbor-registry
+      hostname: "registry.icb4dc0.de"
+      port: 443
+      protocol: HTTPS
+      allowedRoutes:
+        namespaces:
+          from: Selector
+          selector:
+            matchLabels:
+              kubernetes.io/metadata.name: harbor
+      tls:
+        mode: Terminate
+        certificateRefs:
+          - name: harbor-registry-tls
+
     - name: ente-endpoints
       hostname: "*.ente.icb4dc0.de"
       port: 443
diff --git a/harbor/kustomization.yaml b/harbor/kustomization.yaml
index 4ada27d..3c17fe6 100644
--- a/harbor/kustomization.yaml
+++ b/harbor/kustomization.yaml
@@ -32,6 +32,7 @@ resources:
   - resources/db/db.yaml
   - resources/db/user.yaml
   - resources/dragonfly/db.yaml
+  - resources/http_routes.yaml
 
 labels:
   - includeSelectors: true
diff --git a/harbor/resources/http_routes.yaml b/harbor/resources/http_routes.yaml
new file mode 100644
index 0000000..e0f1a99
--- /dev/null
+++ b/harbor/resources/http_routes.yaml
@@ -0,0 +1,34 @@
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: harbor-http
+spec:
+  parentRefs:
+    - name: contour
+      sectionName: http
+      namespace: projectcontour
+  hostnames:
+    - registry.icb4dc0.de
+  rules:
+    - filters:
+        - type: RequestRedirect
+          requestRedirect:
+            scheme: https
+            statusCode: 301
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: harbor-https
+spec:
+  parentRefs:
+    - name: contour
+      sectionName: harbor-registry
+      namespace: projectcontour
+  hostnames:
+    - registry.icb4dc0.de
+  rules:
+    - backendRefs:
+        - name: harbor
+          port: 80