Talos (and Talhelper) seem pretty reasonable so far. Digging Sops too for managing secrets. I was using Ansible Vault before which worked but was weirdly cumbersome to automate (go figure), and Sops seems to Just Work™.
> The link seems to be broken though.
Yeah, I'm a world-class infra engineer. smdh. Changed how the DNS record was created but didn't push my changes so they were reverted by a scheduled job facepalm
Think it's back now...
> Digging Sops too for managing secrets. I was using Ansible Vault before which worked but was weirdly cumbersome to automate (go figure), and Sops seems to Just Work™.
I considered both of those and ended up using the External Secrets Operator + 1Password for my secrets. Maybe not the _best_ solution, but it saved a fair amount of effort on my part.
> Think it's back now...
It's back! Looking forward to reading!