diff --git a/argocd/manifests/databases/secret-teslamate.yaml.tpl b/argocd/manifests/databases/secret-teslamate.yaml.tpl
index 025f185..355e2be 100644
--- a/argocd/manifests/databases/secret-teslamate.yaml.tpl
+++ b/argocd/manifests/databases/secret-teslamate.yaml.tpl
@@ -1,10 +1,5 @@
 # Template for TeslaMate database user password
 # Apply with: op inject -i argocd/manifests/databases/secret-teslamate.yaml.tpl | kubectl apply -f -
-#
-# Create the 1Password item first:
-#   - Name: "TeslaMate DB Password"
-#   - Vault: blumeops
-#   - Field: "password" with a secure generated password
 apiVersion: v1
 kind: Secret
 metadata:
@@ -13,4 +8,4 @@ metadata:
 type: kubernetes.io/basic-auth
 stringData:
   username: teslamate
-  password: {{ op://blumeops/TeslaMate DB Password/password }}
+  password: {{ op://blumeops/TeslaMate/db_password }}
diff --git a/argocd/manifests/grafana-config/secret-teslamate-datasource.yaml.tpl b/argocd/manifests/grafana-config/secret-teslamate-datasource.yaml.tpl
index dd7eac9..fc2ef62 100644
--- a/argocd/manifests/grafana-config/secret-teslamate-datasource.yaml.tpl
+++ b/argocd/manifests/grafana-config/secret-teslamate-datasource.yaml.tpl
@@ -10,4 +10,4 @@ metadata:
   namespace: monitoring
 type: Opaque
 stringData:
-  TESLAMATE_DB_PASSWORD: {{ op://blumeops/TeslaMate DB Password/password }}
+  TESLAMATE_DB_PASSWORD: {{ op://blumeops/TeslaMate/db_password }}
diff --git a/argocd/manifests/teslamate/secret-db.yaml.tpl b/argocd/manifests/teslamate/secret-db.yaml.tpl
index 583eb8f..20a8b6d 100644
--- a/argocd/manifests/teslamate/secret-db.yaml.tpl
+++ b/argocd/manifests/teslamate/secret-db.yaml.tpl
@@ -1,8 +1,5 @@
 # TeslaMate database connection secret
 #
-# The teslamate user password must be stored in 1Password (blumeops vault)
-# as "TeslaMate DB Password" with a field "password"
-#
 # Apply with: op inject -i argocd/manifests/teslamate/secret-db.yaml.tpl | kubectl apply -f -
 apiVersion: v1
 kind: Secret
@@ -11,4 +8,4 @@ metadata:
   namespace: teslamate
 type: Opaque
 stringData:
-  url: "ecto://teslamate:{{ op://blumeops/TeslaMate DB Password/password }}@blumeops-pg-rw.databases.svc.cluster.local:5432/teslamate"
+  url: "ecto://teslamate:{{ op://blumeops/TeslaMate/db_password }}@blumeops-pg-rw.databases.svc.cluster.local:5432/teslamate"
diff --git a/argocd/manifests/teslamate/secret-encryption-key.yaml.tpl b/argocd/manifests/teslamate/secret-encryption-key.yaml.tpl
index 2c08e2a..a0e57a4 100644
--- a/argocd/manifests/teslamate/secret-encryption-key.yaml.tpl
+++ b/argocd/manifests/teslamate/secret-encryption-key.yaml.tpl
@@ -1,9 +1,6 @@
 # TeslaMate encryption key secret
 # This key encrypts Tesla API tokens at rest in the database
 #
-# Generate the key with: openssl rand -base64 32
-# Store it in 1Password (blumeops vault) as "TeslaMate Encryption Key"
-#
 # Apply with: op inject -i argocd/manifests/teslamate/secret-encryption-key.yaml.tpl | kubectl apply -f -
 apiVersion: v1
 kind: Secret
@@ -12,4 +9,4 @@ metadata:
   namespace: teslamate
 type: Opaque
 stringData:
-  key: {{ op://blumeops/TeslaMate Encryption Key/key }}
+  key: {{ op://blumeops/TeslaMate/api_enc_key }}