Fix cross-seed DNS - use Kubernetes DNS instead of DOT

DOT (DNS over TLS) requires external DNS servers (1.1.1.1:853) which are
blocked by FIREWALL_OUTBOUND_SUBNETS that only allows cluster networks.
This causes Gluetun DNS proxy to timeout on all DNS lookups, breaking
cross-seed connectivity to qbittorrent and prowlarr services.

Solution: Use Kubernetes DNS (10.144.0.10) directly, disable DOT and
DNS_KEEP_NAMESERVER to allow proper service name resolution.

Author: sofmeright

fluxcd/apps/overlays/production/cross-seed/statefulset-patch.yaml

@@ -120,11 +120,11 @@ spec:
         - name: FIREWALL_OUTBOUND_SUBNETS
           value: "10.0.0.0/8,172.16.0.0/12,172.22.30.33/32"
         - name: DNS_ADDRESS
-          value: ""
+          value: "10.144.0.10"
         - name: DNS_KEEP_NAMESERVER
-          value: "off"
+          $patch: delete
         - name: DOT
-          value: "on"
+          $patch: delete
   volumeClaimTemplates:
   - metadata:
       name: config