- installs Flux in hostNetwork mode binded to localhost to new clusters
- rework Taskfiles for new bootstrap flow, including loading secrets direct from 1Password with no SOPS for secret zero
- use 1Password for both talsecret and talenv for talhelper genconfig
- remove SOPS secrets
- add Sinon cluster, used as NAS
- cleanup ExternalSecret and 1P Connect's Flux ks for smoother bootstrap
- try out 1Password Connect as extraContainer in external-secrets deployment to avoid secrets going over network
- general cleanup
