chore(syncthing): attempt to inject sops-encrypted secrets into syncthing's config folder

apps/syncthing/overlays/media/deployment-patch.yaml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: syncthing
+spec:
+  template:
+    containers:
+      - name: syncthing
+        volumeMounts:
+          - name: sync-keys
+            mountPath: /var/syncthing/config/cert.pem
+            subPath: cert.pem
+            readOnly: true
+          - name: sync-keys
+            mountPath: /var/syncthing/config/key.pem
+            readOnly: true
+            subPath: key.pem
+    volumes:
+      - name: sync-keys
+        secret:
+          secretName: sync-secret
+          items:
+            - key: cert.pem
+            - key: key.pem