---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
  name: immich
spec:
  refreshInterval: 1h
  secretStoreRefs:
    - name: onepassword-connect
      kind: ClusterSecretStore
  selector:
    secret:
      name: immich-pguser-immich
  data:
    - match:
        secretKey: dbname
        remoteRef:
          remoteKey: immich
          property: DATABASE_NAME
    - match:
        secretKey: host
        remoteRef:
          remoteKey: immich
          property: DATABASE_HOST
    - match:
        secretKey: user
        remoteRef:
          remoteKey: immich
          property: DATABASE_USER
    - match:
        secretKey: password
        remoteRef:
          remoteKey: immich
          property: DATABASE_PASSWORD
    - match:
        secretKey: port
        remoteRef:
          remoteKey: immich
          property: DATABASE_PORT