- Enable xpack.security in Elasticsearch (was explicitly disabled)
- Add ELASTIC_PASSWORD env var so the built-in elastic user gets the password
- Disable HTTP SSL to keep plain HTTP while still enforcing basic auth
- Disable transport SSL (single-node setup)
- Update healthcheck to authenticate with elastic credentials
- Replace TCP-only nc healthcheck with HTTP cluster health API check via curl,
so the container is only marked healthy when ES is actually ready (not just
when the TCP port is open during startup)
- Add indices.fielddata.cache.size=20% to cap field-data cache and prevent
unbounded heap growth / OOM kills on large datasets
- Add indices.memory.index_buffer_size=20% to improve bulk indexing throughput
by buffering more data in memory before flushing to disk
- Add thread_pool.write.queue_size=1000 to avoid rejected indexing requests
when Nextcloud's background jobs submit many files simultaneously
Changes applied to: Containers/fulltextsearch/healthcheck.sh,
php/containers.json, manual-install/latest.yml
Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/a036678d-a9f5-4db3-8cc6-3e3d52f4e97f
Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
