--- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: matrix-postgres-creds spec: target: name: matrix-postgres-creds deletionPolicy: Delete template: type: Opaque data: synapse_db_password: |- {{ .synapse_db_password }} mas_db_password: |- {{ .mas_db_password }} data: - secretKey: synapse_db_password sourceRef: storeRef: name: vaultwarden-login kind: ClusterSecretStore remoteRef: conversionStrategy: Default decodingStrategy: None metadataPolicy: None key: 2a9deb39-ef22-433e-a1be-df1555625e22 property: fields[14].value - secretKey: mas_db_password sourceRef: storeRef: name: vaultwarden-login kind: ClusterSecretStore remoteRef: conversionStrategy: Default decodingStrategy: None metadataPolicy: None key: 2a9deb39-ef22-433e-a1be-df1555625e22 property: fields[15].value --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: matrix-oidc-config spec: target: name: matrix-oidc-config deletionPolicy: Delete template: type: Opaque data: mas-oidc.yaml: | upstream_oauth2: providers: - id: 001KKV4EKY7KG98W2M9T806K6A human_name: Authentik issuer: https://idm.hexor.cy/application/o/matrix/ client_id: "{{ .oauth_client_id }}" client_secret: "{{ .oauth_client_secret }}" token_endpoint_auth_method: client_secret_post scope: "openid profile email" claims_imports: localpart: action: require template: "{{ `{{ user.preferred_username }}` }}" displayname: action: suggest template: "{{ `{{ user.name }}` }}" email: action: suggest template: "{{ `{{ user.email }}` }}" set_email_verification: always data: - secretKey: oauth_client_id sourceRef: storeRef: name: vaultwarden-login kind: ClusterSecretStore remoteRef: conversionStrategy: Default decodingStrategy: None metadataPolicy: None key: ca76867f-49f3-4a30-9ef3-b05af35ee49a property: fields[0].value - secretKey: oauth_client_secret sourceRef: storeRef: name: vaultwarden-login kind: ClusterSecretStore remoteRef: conversionStrategy: Default decodingStrategy: None metadataPolicy: None key: ca76867f-49f3-4a30-9ef3-b05af35ee49a property: fields[1].value