From 50832be29e8fc601ed3a1736d278056fad32a707 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20D=C3=BCren?= Date: Mon, 17 Mar 2025 09:36:42 +0100 Subject: [PATCH] Clarify IP address source and where to run index creation commands --- CloudronManifest.json | 6 +++++- README.md | 6 ++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CloudronManifest.json b/CloudronManifest.json index f159d65..456878b 100644 --- a/CloudronManifest.json +++ b/CloudronManifest.json @@ -17,6 +17,10 @@ "localDir": "/data" } }, + "accessRestriction": { + "users": true, + "defaultValue": "internal" + }, "tags": [ "elasticsearch", "search", @@ -25,7 +29,7 @@ ], "minBoxVersion": "7.0.0", "memoryLimit": 4294967296, - "postInstallMessage": "Elasticsearch is now installed and available for internal use only.\n\nConnection Information:\n- REST API: ```http://IPADDRESS:9200``` (from within other Cloudron apps)\n- Transport Protocol: port ```9300``` (for Elasticsearch clients)\n\nAuthentication:\n- Username: ```elastic```\n- Password: A secure random password has been generated and stored in ```/app/data/credentials.txt```.\n\nThe password can be retrieved from:\n1. The app logs\n2. By accessing the app container\n3. The file at ```/app/data/credentials.txt```\n\n### Important: Creating Indices\nBefore using Elasticsearch with applications like NextCloud, you need to create the necessary indices.\n\nFor NextCloud FullTextSearch:\n```\ncurl -X PUT \"http://elastic:PASSWORD@IPADDRESS:9200/nextcloud\" -H 'Content-Type: application/json' -d'\n{\n \"settings\": {\n \"index\": {\n \"number_of_shards\": 1,\n \"number_of_replicas\": 0,\n \"refresh_interval\": \"10s\"\n }\n }\n}\n'\n```\nReplace PASSWORD with your elastic user password and IPADDRESS with the Elasticsearch container's IP address.\n\nNote: SSL is disabled for HTTP connections for compatibility with most client applications.", + "postInstallMessage": "Elasticsearch is now installed and available for internal use only.\n\nConnection Information:\n- REST API: ```http://IPADDRESS:9200``` (from within other Cloudron apps)\n- Transport Protocol: port ```9300``` (for Elasticsearch clients)\n\nAuthentication:\n- Username: ```elastic```\n- Password: A secure random password has been generated and stored in ```/app/data/credentials.txt```.\n\nThe password can be retrieved from:\n1. The app logs\n2. By accessing the app container\n3. The file at ```/app/data/credentials.txt```\n\nThe IP Address can be retrieved from the app logs\n\n### Important: Creating Indices\nBefore using Elasticsearch with applications like NextCloud, you need to create the necessary indices.\n\nFor NextCloud FullTextSearch (run for example within the NextCloud Apps Terminal):\n```\ncurl -X PUT \"http://elastic:PASSWORD@IPADDRESS:9200/nextcloud\" -H 'Content-Type: application/json' -d'\n{\n \"settings\": {\n \"index\": {\n \"number_of_shards\": 1,\n \"number_of_replicas\": 0,\n \"refresh_interval\": \"10s\"\n }\n }\n}\n'\n```\nReplace PASSWORD with your elastic user password and IPADDRESS with the Elasticsearch container's IP address.\n\nNote: SSL is disabled for HTTP connections for compatibility with most client applications.", "multiDomain": false, "tcpPorts": { "9300": { diff --git a/README.md b/README.md index e18302b..086b480 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This package provides Elasticsearch for Cloudron, configured for internal use on - Elasticsearch 8.17.3 - Single-node configuration optimized for Cloudron - Security enabled with basic authentication -- Internal access only +- Internal access only by default (not publicly exposed) - Automatic optimization based on container resources ## Usage @@ -71,6 +71,8 @@ You can get the IP address from the Cloudron admin panel or by using the `cloudr ## Security Notes +- The app is configured as internal-only by default, so it's not exposed to the public internet +- If you need external access, you can configure access restrictions in the Cloudron admin panel - HTTP SSL is disabled for compatibility with most client applications - Transport protocol is secured with internal certificates - Authentication is required for all operations @@ -86,7 +88,7 @@ The package automatically configures Elasticsearch based on the container's avai ## Limitations -- This package is for internal use only and is not exposed to the web +- This package is for internal use only and is not exposed to the web by default - It's configured as a single-node cluster for simplicity - Memory usage scales with container limits set in Cloudron