bump auto-deploy cert expiration time

Apparently there's an alert that goes off if a cert expiring in less than 7 days is used to authenticate to k8s

k8s/forgejo/forgejo-secret-sync/forgejo-secret-sync.py

@@ -40,7 +40,7 @@ def update_cert(k8s_name: str, owner: str, repo: str):
             "/var/lib/rancher/k3s/server/tls/client-ca.key",
             "-CAcreateserial",
             "-days",
-            "2",
+            "10",
         ],
         stdin=req,
     )