fix(database): align stunnel secret name with tls sync

services/database/postgresql/README.md

@@ -22,5 +22,5 @@ directory. Otherwise the ExternalSecrets controller will report
 Use `scripts/seed-vault-postgresql.sh` from a trusted admin shell to write the
 expected Vault keys from local environment variables or existing K8s Secrets.
 The shared TLS Secret for `postgresql-vultr.svc.plus` is synchronized by the
-`k3s-platform` Helm chart into `database/postgresql-vultr-tls`, which
+`k3s-platform` Helm chart into `database/postgresql-tls`, which
 `stunnel-server` consumes directly. Do not commit the secret values to Git.

services/database/postgresql/stunnel-server-deployment.yaml

@@ -38,13 +38,13 @@ spec:
             name: postgresql-stunnel-server
         - name: stunnel-cert
           secret:
-            secretName: postgresql-vultr-tls
+            secretName: postgresql-tls
             items:
               - key: tls.crt
                 path: server-cert.pem
         - name: stunnel-key
           secret:
-            secretName: postgresql-vultr-tls
+            secretName: postgresql-tls
             items:
               - key: tls.key
                 path: server-key.pem

services/database/stunnel-server/stunnel-server-deployment.yaml

@@ -37,13 +37,13 @@ spec:
             name: postgresql-stunnel-server
         - name: stunnel-cert
           secret:
-            secretName: postgresql-vultr-tls
+            secretName: postgresql-tls
             items:
               - key: tls.crt
                 path: server-cert.pem
         - name: stunnel-key
           secret:
-            secretName: postgresql-vultr-tls
+            secretName: postgresql-tls
             items:
               - key: tls.key
                 path: server-key.pem