Elasticsearch with user authentication not working?


I am not able to get the full text search working when user authentication for ElasticSearch server is on.

  • Open Distro for Elasticsearch (by Amazon) up and running in docker container on Arch Linux server, listening at port 9201.
  • iptables on server have the port 9201 accessible for any docker container.
  • Nextcloud 19 is also running in a docker container.

I can check that search works:

docker exec -ti nextcloud /bin/sh -c 'curl -X GET "https://elastic.server.com:9201/nextcloud/_search?q="lookingforsomething"&pretty" -k -u nextcloud:blablabla'  --cacert /etc/letsencrypt/letsencrypt_root_ca.pem

This returns the expected result.

However, when I include the user authentication to Nextcloud Admin GUI for full text search as https://nextcloud:blablabla@elastic.server.com:9201 and with index nextcloud, I can see in nextcloud.log that No alive nodes found in your cluster

Any idea what could be wrong?

For the time being, I worked around that problem by setting up an nginx proxy just for nextcloud:

# The header Authorization:
# `echo -n "user:psdwd" | base64`
# dXNlcjpwYXNzd29yZA==

# For nextcloud
server {
    server_name _;
    location / {
        proxy_set_header Host $host;
        proxy_set_header Authorization $http_authorization;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass https://elastic.server.com:9201;
        proxy_set_header Authorization "Basic dXNlcjpwYXNzd29yZA==";
        proxy_buffer_size          128k;
        proxy_buffers              4 256k;
        proxy_busy_buffers_size    256k;