diff --git a/charts/portalmodelo/v0.5.0/templates/ingress.yaml b/charts/portalmodelo/v0.5.0/templates/ingress.yaml
index ed78d16..be8c5dc 100644
--- a/charts/portalmodelo/v0.5.0/templates/ingress.yaml
+++ b/charts/portalmodelo/v0.5.0/templates/ingress.yaml
@@ -1,6 +1,6 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "portalmodelo.fullname" . -}}
-{{- $ingressPath := .Values.ingress.path -}}
+{{- $hostName := .Values.portal.hostname -}}
 {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
@@ -11,29 +11,22 @@ metadata:
   name: {{ $fullName }}
   labels:
     {{- include "portalmodelo.labels" . | nindent 4 }}
-  {{- with .Values.ingress.annotations }}
   annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/www.{{ $hostName }}:443/portal/VirtualHostRoot/$1"
+    nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
 spec:
-  {{- if .Values.ingress.tls }}
   tls:
-    {{- range .Values.ingress.tls }}
     - hosts:
-        {{- range .hosts }}
-        - {{ . | quote }}
-        {{- end }}
-      secretName: {{ .secretName }}
-    {{- end }}
-  {{- end }}
+        - "www.{{ $hostName }}"
+        - "{{ $hostName }}"
+      secretName: {{ $hostName | replace "." "-" }}-tls
   rules:
-    {{- range .Values.ingress.hosts }}
-    - host: {{ . | quote }}
+    - host: "www.{{ $hostName }}"
       http:
         paths:
-          - path: {{ $ingressPath }}
+          - path: /(.*)
             backend:
               serviceName: {{ $fullName }}-plone
               servicePort: 8080
-    {{- end }}
-  {{- end }}
+{{- end }}
diff --git a/charts/portalmodelo/v0.5.0/values.yaml b/charts/portalmodelo/v0.5.0/values.yaml
index 642d028..c630de5 100644
--- a/charts/portalmodelo/v0.5.0/values.yaml
+++ b/charts/portalmodelo/v0.5.0/values.yaml
@@ -49,19 +49,8 @@ securityContext: {}
 
 ingress:
   enabled: true
-  hosts:
-   - teste.df.leg.br
-   - www.teste.df.leg.br
-  path: /
-  tls: []
-  #  - secretName: teste-df-tls
-  #    hosts:
-  #      - teste.df.leg.br
-  #      - www.teste.df.leg.br
+  # extra annotations only
   annotations: {}
-  #  kubernetes.io/ingress.class: nginx
-  #  kubernetes.io/tls-acme: "true"
-  #  certmanager.k8s.io/cluster-issuer: letsencrypt-staging # your cluerissuer name
 
 resources:
   plone: