The central cluster no longer hosts Vault for fetching secrets. Instead we ust ExternalSecretsOpertaor to fetch secrets directly from the central clusters Kubernetes-API
Replace vault-token with a K8s ServiceAccount token
Update Talos config to create a secret with the new token
Configure a ClusterSecretStore for the central cluster
Change the ExternalSecret definitions to use the new ClusterSecretStore: Envoy, R2, Grafana, NTFY, Paperless and Syncthing
The central cluster no longer hosts Vault for fetching secrets. Instead we ust ExternalSecretsOpertaor to fetch secrets directly from the central clusters Kubernetes-API