Virtual Service with https and ssh

I’m trying to host an application that needs to have https and ssh exposed. https works, but ssh does not. I dont know what I’m doing wrong. Can someone take a look and tell me what my mistake is?

Gateway and VS

apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: default-gateway
  namespace: istio-system
spec:
  selector:
    app: istio-ingressgateway
  servers:
  - port:
      number: 2022
      name: gitea-ssh
      protocol: TCP
    hosts:
    - git.mydomain
  - port:
      number: 443
      name: https
      protocol: HTTPS
    hosts:
    - "*.mydomain"
    tls:
      mode: SIMPLE
      credentialName: mydomain-wildcard
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: gitea-vs
spec:
  hosts:
  - "git.mydomain"
  gateways:
  - istio-system/default-gateway
  http:
  - match:
    - port: 443
    route:
    - destination:
        port:
          number: 3000
        host: gitea-http.default.svc.cluster.local
  tcp:
  - match:
    - port: 2022
    route:
    - destination:
        host: gitea-ssh.default.svc.cluster.local
        port:
          number: 2022

Well, I found my problem. For future searchers: The config above is correct. I only needed to define a new service port on “ingressGateways.k8s.service.ports”.

      - name: gitea-ssh
        nodePort: randomport?
        port: 2022
        protocol: TCP
        targetPort: 2022