This tutorial will guide you through setting up a production-ready Meilisearch instance on Microsoft Azure using a Virtual Machine.
Meilisearch Cloud is the recommended way to run Meilisearch in production environments. Prerequisites
- An Azure account with an active subscription
- A Virtual Machine running Ubuntu 22.04 LTS
- An SSH key pair to connect to the VM
- A Network Security Group (NSG) allowing inbound traffic on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS)
Step 1: Install Meilisearch
Connect to your VM via SSH and update the system:
sudo apt update && sudo apt upgrade -y
sudo apt install curl -y
curl -L https://install.meilisearch.com | sh
sudo mv ./meilisearch /usr/local/bin/
Step 2: Create system user
Create a dedicated user for running Meilisearch:
sudo useradd -d /var/lib/meilisearch -s /bin/false -m -r meilisearch
sudo chown meilisearch:meilisearch /usr/local/bin/meilisearch
Step 3: Create a configuration file
Create data directories for Meilisearch:
sudo mkdir -p /var/lib/meilisearch/data /var/lib/meilisearch/dumps /var/lib/meilisearch/snapshots
sudo chown -R meilisearch:meilisearch /var/lib/meilisearch
sudo chmod 750 /var/lib/meilisearch
For production workloads, consider attaching a managed disk for data storage. This allows for easy snapshots and independent scaling of storage.
curl https://raw.githubusercontent.com/meilisearch/meilisearch/latest/config.toml | sudo tee /etc/meilisearch.toml > /dev/null
/etc/meilisearch.toml and update these settings, replacing MASTER_KEY with a secure 16-byte string:
env = "production"
master_key = "MASTER_KEY"
db_path = "/var/lib/meilisearch/data"
dump_dir = "/var/lib/meilisearch/dumps"
snapshot_dir = "/var/lib/meilisearch/snapshots"
Step 4: Run Meilisearch as a service
Create a systemd service file:
sudo tee /etc/systemd/system/meilisearch.service > /dev/null << EOF
[Unit]
Description=Meilisearch
After=systemd-user-sessions.service
[Service]
Type=simple
WorkingDirectory=/var/lib/meilisearch
ExecStart=/usr/local/bin/meilisearch --config-file-path /etc/meilisearch.toml
User=meilisearch
Group=meilisearch
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable meilisearch
sudo systemctl start meilisearch
sudo systemctl status meilisearch
Step 5: Secure and finish your setup
In the Azure Portal, navigate to your VM’s Network Security Group and ensure you have inbound rules for:
- Port 22 for SSH access
- Port 80 for HTTP traffic
- Port 443 for HTTPS traffic
You can also use Azure CLI:
az network nsg rule create --resource-group myResourceGroup --nsg-name myNSG \
--name allow-http --priority 100 --destination-port-ranges 80 --access Allow --protocol Tcp
az network nsg rule create --resource-group myResourceGroup --nsg-name myNSG \
--name allow-https --priority 101 --destination-port-ranges 443 --access Allow --protocol Tcp
5.2. Set up a reverse proxy with Nginx
Install Nginx:
sudo apt install nginx -y
sudo rm -f /etc/nginx/sites-enabled/default
sudo tee /etc/nginx/sites-enabled/meilisearch > /dev/null << EOF
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name your_domain;
location / {
proxy_pass http://localhost:7700;
}
}
EOF
your_domain with your actual domain name (or use _ as a catch-all if you don’t have one yet).
Restart Nginx:
sudo systemctl enable nginx
sudo systemctl restart nginx
5.3. Enable HTTPS with Let’s Encrypt
Before enabling HTTPS, ensure you have a domain name pointing to your VM’s public IP address. You can configure a static IP in the Azure Portal under your VM’s networking settings.
sudo apt install certbot python3-certbot-nginx -y
sudo certbot renew --dry-run
Conclusion
Your Meilisearch instance is now running on Azure with:
- A dedicated system user for security
- Automatic restart via systemd
- Nginx reverse proxy
- HTTPS encryption via Let’s Encrypt
For high-availability setups, consider using Azure Virtual Machine Scale Sets with an Azure Load Balancer. 
