fix: harden cluster rebuild determinism

infrastructure/addons/rancher/kustomization.yaml

@@ -1,8 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - namespace.yaml
   - helmrelease-rancher.yaml
-  - rancher-bootstrap-password-flux-externalsecret.yaml
-  - rancher-bootstrap-password-externalsecret.yaml
   - rancher-tailscale-service.yaml

infrastructure/addons/rancher/namespace.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cattle-system

infrastructure/addons/rancher/rancher-bootstrap-password-externalsecret.yaml

@@ -1,21 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: rancher-bootstrap-password
-  namespace: cattle-system
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: doppler-hetznerterra
-    kind: ClusterSecretStore
-  target:
-    name: rancher-bootstrap-password
-    creationPolicy: Owner
-    template:
-      type: Opaque
-      data:
-        bootstrapPassword: "{{ .rancherBootstrapPassword }}"
-  data:
-    - secretKey: rancherBootstrapPassword
-      remoteRef:
-        key: RANCHER_BOOTSTRAP_PASSWORD

infrastructure/addons/rancher/rancher-bootstrap-password-flux-externalsecret.yaml

@@ -1,21 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: rancher-bootstrap-password
-  namespace: flux-system
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: doppler-hetznerterra
-    kind: ClusterSecretStore
-  target:
-    name: rancher-bootstrap-password
-    creationPolicy: Owner
-    template:
-      type: Opaque
-      data:
-        bootstrapPassword: "{{ .RANCHER_BOOTSTRAP_PASSWORD }}"
-  data:
-    - secretKey: RANCHER_BOOTSTRAP_PASSWORD
-      remoteRef:
-        key: RANCHER_BOOTSTRAP_PASSWORD