Cześć, mam gitea hostowaną na kubernetesie i chcę do niej podłączyć elasticsearch'a żeby służył jako indexer, takie parametry dałem w values (https://gitea.com/gitea/helm-gitea z tego helm charta korzystam)

Kopiuj
extraVolumes:
- name: elasticsearch-ca-cert
  secret:
    secretName: elasticsearch-ca-cert

extraVolumeMounts:
- name: elasticsearch-ca-cert
  readOnly: true
  mountPath: "/etc/elasticsearch-ca"

deployment:
 env:
   - name: SSL_CERT_FILE
     value: /etc/elasticsearch-ca/ca.crt

gitea:
	config:
		indexer:
		  ISSUE_INDEXER_TYPE: elasticsearch
		  ISSUE_INDEXER_CONN_STR: https://user:password@ip:9200
		  REPO_INDEXER_ENABLED: true
		  REPO_INDEXER_TYPE: elasticsearch
		  REPO_INDEXER_CONN_STR: https://user:password@ip:9200

dostaje takie błędy podczas uruchamiania poda

Kopiuj
func1() [I] PID 7: Initializing Issue Indexer: elasticsearch
func3() [I] PID: 7 Initializing Repository Indexer at: https://user:password@ip:9200
populateRepoIndexer() [I] Populating the repo stats indexer with existing repositories
populateRepoIndexer() [I] Done (re)populating the repo stats indexer with existing repositories
func3() [F] PID: 7 Unable to initialize the elasticsearch Repository Indexer connstr: https://user:password@ip:9200 Error: elastic: Error 403 (Forbidden)

Niby zrzuca 403 ale uprawnienia konto posiada opdowiednie dla przykładu curl wszędzie użyte ten sam username/password

Kopiuj
curl --cacert ca.crt -X POST "https://ip:9200/indexer/_doc/" -u "user:password" -H "Content-Type: application/json" -d'
{
  "timestamp": "2025-04-07T12:00:00Z",
  "message": "Sample log message"
}'
"result":"created","_shards":{"total":2,"successful":2,"failed":0}