diff --git a/kubernetes/main/apps/default/echo-server/app/helmrelease.yaml b/kubernetes/main/apps/default/echo-server/app/helmrelease.yaml
index 8183e6f0d..f0decaa9b 100644
--- a/kubernetes/main/apps/default/echo-server/app/helmrelease.yaml
+++ b/kubernetes/main/apps/default/echo-server/app/helmrelease.yaml
@@ -88,7 +88,7 @@ spec:
           gethomepage.dev/name: Echo
           gethomepage.dev/icon: mdi-web
         hosts:
-          - host: "{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"
+          - host: "echo.${SECRET_EXTERNAL_DOMAIN}"
             paths:
               - path: /
                 service:
diff --git a/kubernetes/main/apps/default/kustomization.yaml b/kubernetes/main/apps/default/kustomization.yaml
index abebf3e91..172a33cdd 100644
--- a/kubernetes/main/apps/default/kustomization.yaml
+++ b/kubernetes/main/apps/default/kustomization.yaml
@@ -5,8 +5,8 @@ kind: Kustomization
 resources:
   - ./namespace.yaml
   # - ./atuin/ks.yaml
-  # - ./echo-server/ks.yaml
-  - ./filebrowser/ks.yaml
+  - ./echo-server/ks.yaml
+  # - ./filebrowser/ks.yaml
   # - ./homepage/ks.yaml
   # - ./linkding/ks.yaml
   # - ./livebook/ks.yaml
diff --git a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml
index 3f3876267..d1dd6f7e2 100644
--- a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml
+++ b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml
@@ -29,7 +29,7 @@ k8sServicePort: 7445
 kubeProxyReplacement: true
 kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
 l2announcements:
-  enabled: false
+  enabled: true
   # Cilium BGP control plane instead to traverse VLAN network segments instead
   # enabled: false # https://github.com/cilium/cilium/issues/28985
 loadBalancer:
diff --git a/kubernetes/main/flux/vars/cluster-secrets.sops.yaml b/kubernetes/main/flux/vars/cluster-secrets.sops.yaml
index 5fb987c74..1a92a54e0 100644
--- a/kubernetes/main/flux/vars/cluster-secrets.sops.yaml
+++ b/kubernetes/main/flux/vars/cluster-secrets.sops.yaml
@@ -4,14 +4,14 @@ metadata:
   name: cluster-secrets
   namespace: flux-system
 stringData:
-  SECRET_EXTERNAL_DOMAIN: ENC[AES256_GCM,data:QwSjAXG/+nAzRuH6lho=,iv:Kf6tbaoliTb9PIk3aW2+Yg5yk8D3oEF39JFggZmtELI=,tag:XCfcPfmjkyhVtBp1JmOKrw==,type:str]
-  SECRET_INTERNAL_DOMAIN: ENC[AES256_GCM,data:Bo+WZcWRbszM7bShkDJGPqdohgxsaWY=,iv:v5l0kFJ+nU88IzKs7wNmBWoSkIZ4A3KGlnh1lt2Uvbc=,tag:+aPKbckw8ER8VXqdOtss8g==,type:str]
-  #ENC[AES256_GCM,data:Cx6aNKZLdyFtbrKriY3S/MVUSYlttrPgxkzPcz5llUi0h24zdMsH,iv:cCKhBRXc4s7oiWMlCSddNzY0gkFAHLDeE9YzFlLTJLg=,tag:1Pha4UbOouxpfEb/PL/FFA==,type:comment]
-  SECRET_ACME_EMAIL: ENC[AES256_GCM,data:7tqYhzB15yO0aSUZrQ6oAALxciDx97dLjSA=,iv:gA11Lj2+t6xoBhklIGD5s1oIJgGtubycM2PRHN5UwsU=,tag:ql36JuEQl+6dSTWueq708g==,type:str]
-  SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:lKNpM+Ky84gJdG+Sp+yuxrBIxc1mgEhl+tAwSPBzYmqL/7MJ,iv:Idaf75/48ncOYxbLvJhwcsljRr+z9hFCaMKKo9GKrGA=,tag:Gnf9QsT0ZU8fzE/40mdMUg==,type:str]
-  SECRET_SMTP_FROM: ENC[AES256_GCM,data:cPG+hhm7nKh+Dxjy19w4lh/SQKx+vJU87TeC0Q==,iv:mAnEHcsLO2tdQTiabCpRMjJGOF+e/1eJf2oPiv70C7I=,tag:STywPVzFwJc79EYTvIm9hA==,type:str]
-  SECRET_NOTIFY_EMAIL: ENC[AES256_GCM,data:OSpBvEk9SgITdwL11l69hoQx8ft+I9z0,iv:GyqUUMslKEoSGLiyToNNL+r9xqWBg7x3UEzbo1jH6/o=,tag:br0XPrz0j7pnHStXHGyRQA==,type:str]
-  SECRET_PUSHOVER_USER_KEY: ENC[AES256_GCM,data:6D6KwSQQTh5jk4iuR5SbXMg+2vgvq/JUYppJ6p8H,iv:54j6y+HyEX5AWrJge6Hzp2Ma+RfJgmL1PexOEw6d6eg=,tag:sqxtXsEJWDQ5vKS45cGYPA==,type:str]
+  SECRET_EXTERNAL_DOMAIN: ENC[AES256_GCM,data:bV2Pb9Tn7GKYTyuuzlM=,iv:++zNPAb3WssmkbGLuLg/QhGByZSOAYH2RzFOu1AIHXM=,tag:MVLQCM/vPWWWsOZ2mJCJ/A==,type:str]
+  SECRET_INTERNAL_DOMAIN: ENC[AES256_GCM,data:Lv9H1C/K8QnpPD+f/OFXN0S5Y7+270Q=,iv:a2Xt63KzWetpf+wTQ36CnURztAHNgwTDpn1kyi7X9DQ=,tag:6N6WB5F65dbF6Vb6MybiRg==,type:str]
+  #ENC[AES256_GCM,data:a2LJJs+KyVKNodusM/rKKnlNLqp3iWLJEE2ADbbouClM38Pkvx7y,iv:Oslz9bGt2clbOQ/OepBzUxHTo4GzQxw83ZshbuTGU+A=,tag:3UhM6f1TLB+mo46BcHxDoQ==,type:comment]
+  SECRET_ACME_EMAIL: ENC[AES256_GCM,data:NMLlI1hHxPBQAdRtFd5c1WmZTsquL3Q9Is0=,iv:gVJ2hMg1IM+UP933Vx0XTT4Maq8SVVFUNUYbuKTQRX0=,tag:EHecRuqEmZywiYOxWEbgKw==,type:str]
+  SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:RxXRdrpGlZbKh2xs+KjeD1Vvy5bURixaDACFGZrTiYmJ7ZMM,iv:twhNxrMZS7wN6C57zhuQNPTsFlwHuxcg6/aiGeL0njE=,tag:1lHOukmrSNNGMR8EOTY0fg==,type:str]
+  SECRET_SMTP_FROM: ENC[AES256_GCM,data:QE4CdUGeys/N2aKx/v8LAsmBYe3XtYwhzyFLqg==,iv:CAvXkvR79kE+LgZ7KImDnmPnaXubUulk6GDz0iRZrE8=,tag:330aPnJfme33xYhdUzjPhA==,type:str]
+  SECRET_NOTIFY_EMAIL: ENC[AES256_GCM,data:nOZxTDjHvXkGXty2ZGqQI4OuUPv2CG3U,iv:3ylf+wn9C33KgNP5bEINBpTR1mHgLi2UkFZFeAEytXg=,tag:3oe6r5izX6em/4B0XI4n0g==,type:str]
+  SECRET_PUSHOVER_USER_KEY: ENC[AES256_GCM,data:T8JWAM0QSX0U96ekxlk7Jh7lgZWCMu1/hy74VEdW,iv:CBh5g7OzNQRLjRP/i5yQPgDHNYIYZt0G86OwlPUtyH4=,tag:5SoSvYsKiFg/2txnXXn4PQ==,type:str]
 sops:
   kms: []
   gcp_kms: []
@@ -21,14 +21,14 @@ sops:
     - recipient: age148wprsnqjq8jughvywnzmvs8gffhrkendpr7g60q8u4rdsj4jvuqk7ltrs
       enc: |
         -----BEGIN AGE ENCRYPTED FILE-----
-        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNL0piQjhEbEFoYWUycSsz
-        KzIwQWlaQ1BRN3F1TjlVN2I2QlJMMXphUEd3ClRGQmp1NjMrcFlWT1pWZ0RhQ04x
-        MDQzRUxZY3RNMHRkR1V6Vk5CQXd6RjgKLS0tIHhOMWFVOSt1T3NJUVJQTjREM2NX
-        YlM1MktYd3B3K3Zqd2NGQ1EzZy9zRzgKe+d9R16eb+aj6lP2S+R9FJREjHe5HkQW
-        OT3OO99pI62yhRuJhskcVNCVPIyb6GvagdUYbkJ8OPeLHu8i1bgfeQ==
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsdElvMGdyOG9nU090Mk1r
+        UXZEdVREaFF5ejM2TlBmRXNhMlZjeUs4S2prCnVHMTBmY2dJQ0RYcHVXcXhzKzk5
+        cnp2bm9TNExGQm9jdW5KUTlKVHVMdTgKLS0tIEs5bDRyMG1XNFJ6aG5JeGxDTzFs
+        NVYzUGZHOEIwcHVRQnJWT1RyUDlIMHcKLflhXjGdicbh4jggvYmvjHdoy+TMcWAb
+        cXp4SxAk8zUw2IfwMY45O+4XHxPDoA27yK5HIbC6h8YpT610U0GZOQ==
         -----END AGE ENCRYPTED FILE-----
-  lastmodified: "2024-09-16T02:59:56Z"
-  mac: ENC[AES256_GCM,data:mfxi6lUlUY64qs+1b5k3lwDZqrAm6oa/MS8WLlvjHikuDM0JUbqOnfe9IWKSyag46f4KMTioi2Qf0AHuoF58TYHYwr6ROpmW+9MlxarLsXoU8wYyreB/CKsvCyKg/PTqBW/olZznT9aVs9lnLGlYxzNPdV/vEUOgpPwQttdt688=,iv:ypFb1nGz+ZzrdKlr2BhNbn7LzKoYOM9CvgSRvtf0qXY=,tag:lWPv2UubB6K3nx1w6tjhZw==,type:str]
+  lastmodified: "2024-09-16T05:59:49Z"
+  mac: ENC[AES256_GCM,data:zQfZDDb4RXUdquyKEGSNzfANIbkHXOaF4Ug+L1IcknT+fDdAAL1kLZauFlMMvu8LzYHkzOYU2dWleKG2pLTiHfWaRK3HYexPEDwEkLOrOJXK0Ecqdxkze/tu6zF6bvRx8uEsYkRlGsCgo5goP0ZmgxlBiZYp58XYoSeKHTr8iXM=,iv:f9sE2wKAHXeaNiNX2/M/j03XS295DiGyqGlDvxEj0eE=,tag:J1jbR2cLuh4e9qs3Kqmhnw==,type:str]
   pgp: []
   encrypted_regex: ^(data|stringData)$
   version: 3.9.0