Yeah, that’s what I thought the code in my original post did. But then I got the cannot bind '0.0.0.0:80': Permission denied error in istiod and the newly started istio-ingressgateway hung.
I didn’t try with status-port included, though, is that one obligatory to include in the service? I will try tomorrow when I’m back at work. Many thanks for your help!