ArgoCD Bootstrap

Setting	Value	Purpose
`server.insecure`	`"true"`	TLS terminates at Traefik, not ArgoCD
`url`	`https://argocd.homelab.vyanh.uk`	External URL
`oidc.config`	Authentik OIDC	SSO login via Authentik
`resource.exclusions`	Leases, TokenReviews, CiliumIdentity, etc.	Reduce API noise

¶ ArgoCD Bootstrap