theshire/kubernetes/apps/media/immich/app/pushsecret.yaml

---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
  name: immich
spec:
  refreshInterval: 1h
  secretStoreRefs:
    - name: onepassword-connect
      kind: ClusterSecretStore
  selector:
    secret:
      name: immich-pguser-immich
  data:
    - match:
        secretKey: dbname
        remoteRef:
          remoteKey: immich
          property: DATABASE_NAME
    - match:
        secretKey: host
        remoteRef:
          remoteKey: immich
          property: DATABASE_HOST
    - match:
        secretKey: user
        remoteRef:
          remoteKey: immich
          property: DATABASE_USER
    - match:
        secretKey: password
        remoteRef:
          remoteKey: immich
          property: DATABASE_PASSWORD
    - match:
        secretKey: port
        remoteRef:
          remoteKey: immich
          property: DATABASE_PORT
Add push secret and form uri based on more reliable service. 2024-05-02 06:43:58 -05:00			`---`
			`# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json`
			`apiVersion: external-secrets.io/v1alpha1`
			`kind: PushSecret`
			`metadata:`
			`name: immich`
			`spec:`
			`refreshInterval: 1h`
			`secretStoreRefs:`
			`- name: onepassword-connect`
			`kind: ClusterSecretStore`
			`selector:`
			`secret:`
			`name: immich-pguser-immich`
			`data:`
			`- match:`
			`secretKey: dbname`
			`remoteRef:`
			`remoteKey: immich`
			`property: DATABASE_NAME`
			`- match:`
			`secretKey: host`
			`remoteRef:`
			`remoteKey: immich`
			`property: DATABASE_HOST`
			`- match:`
			`secretKey: user`
			`remoteRef:`
			`remoteKey: immich`
			`property: DATABASE_USER`
			`- match:`
			`secretKey: password`
			`remoteRef:`
			`remoteKey: immich`
			`property: DATABASE_PASSWORD`
			`- match:`
			`secretKey: port`
			`remoteRef:`
			`remoteKey: immich`
			`property: DATABASE_PORT`