diff --git a/opensearch-master/Dockerfile b/opensearch-master/Dockerfile
index 45d52bd..e1c1ddf 100644
--- a/opensearch-master/Dockerfile
+++ b/opensearch-master/Dockerfile
@@ -9,7 +9,8 @@ RUN apk add --no-cache \
     bash \
     curl \
     su-exec \
-    libc6-compat
+    libc6-compat \
+    openjdk21-jdk
 
 # Create opensearch user
 RUN addgroup -g 1000 opensearch && \
@@ -19,12 +20,14 @@ RUN addgroup -g 1000 opensearch && \
 RUN curl -L https://artifacts.opensearch.org/releases/bundle/opensearch/3.2.0/opensearch-3.2.0-linux-arm64.tar.gz -o opensearch.tar.gz && \
     tar -xzf opensearch.tar.gz && \
     mv opensearch-3.2.0/* /usr/share/opensearch && \
-    rm opensearch.tar.gz
+    rm -rf opensearch.tar.gz /usr/share/opensearch/jdk && \
+    ln -s /usr/lib/jvm/java-21-openjdk /usr/share/opensearch/jdk
 
 # Create directories and set permissions
 RUN mkdir -p /var/lib/opensearch /var/log/opensearch /usr/share/opensearch/plugins && \
     chown -R opensearch:opensearch /usr/share/opensearch /var/lib/opensearch /var/log/opensearch
 
+    
 # Copy configuration and script
 COPY rootfs /
 
diff --git a/opensearch-master/rootfs/etc/cont-init.d/opensearch.sh b/opensearch-master/rootfs/etc/cont-init.d/opensearch.sh
index 82510f4..11993e3 100644
--- a/opensearch-master/rootfs/etc/cont-init.d/opensearch.sh
+++ b/opensearch-master/rootfs/etc/cont-init.d/opensearch.sh
@@ -2,14 +2,11 @@
 
 # Set environment variables
 export OPENSEARCH_HOME="/usr/share/opensearch"
-export OPENSEARCH_PATH_CONF="/etc/opensearch"
+export OPENSEARCH_PATH_CONF="/usr/share/opensearch/config"
 export OPENSEARCH_JAVA_OPTS="-Xms${HEAP_SIZE:-2g} -Xmx${HEAP_SIZE:-2g}"
 
-# Create config directory
-mkdir -p /etc/opensearch
-
 # Generate opensearch.yml
-cat > /etc/opensearch/opensearch.yml << EOF
+cat > /usr/share/opensearch/config/opensearch.yml << EOF
 cluster.name: ${CLUSTER_NAME:-home-assistant-cluster}
 node.name: ${NODE_NAME:-opensearch-master}
 node.roles: [master]
@@ -23,8 +20,16 @@ http.port: 9200
 discovery.seed_hosts: [${DISCOVERY_SEED_HOSTS:-opensearch-master,opensearch-coordinator}]
 cluster.initial_master_nodes: [${INITIAL_MASTER_NODES:-opensearch-master,opensearch-coordinator}]
 
-plugins.security.disabled: true
+# Keep security but disable SSL
+plugins.security.disabled: false
+plugins.security.ssl.http.enabled: false
+plugins.security.ssl.transport.enabled: false
+plugins.security.allow_default_init_securityindex: true
+
+# Default demo credentials (change in production)
+plugins.security.authcz.admin_dn:
+  - CN=admin,O=opensearch
 EOF
 
 # Set permissions
-chown -R opensearch:opensearch /etc/opensearch /var/lib/opensearch /var/log/opensearch
\ No newline at end of file
+chown -R opensearch:opensearch /usr/share/opensearch /var/lib/opensearch /var/log/opensearch
\ No newline at end of file