This tutorial will guide you through setting up a production-ready Meilisearch instance on Amazon Web Services (AWS) using an EC2 instance.
Meilisearch Cloud is the recommended way to run Meilisearch in production environments. Prerequisites
- An AWS account
- An EC2 instance running Ubuntu 22.04 LTS or Amazon Linux 2023
- An SSH key pair to connect to that instance
- A security group allowing inbound traffic on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS)
Step 1: Install Meilisearch
Log into your EC2 instance via SSH and update the system packages:
sudo apt update && sudo apt upgrade -y
sudo apt install curl -y
sudo yum update -y
sudo yum install curl -y
curl to download and run the Meilisearch command-line installer:
curl -L https://install.meilisearch.com | sh
/usr/local/bin to make it accessible from anywhere:
sudo mv ./meilisearch /usr/local/bin/
Step 2: Create system user
Running applications as root exposes you to unnecessary security risks. Create a dedicated user for Meilisearch:
sudo useradd -d /var/lib/meilisearch -s /bin/false -m -r meilisearch
sudo chown meilisearch:meilisearch /usr/local/bin/meilisearch
Step 3: Create a configuration file
Create the directories where Meilisearch will store its data:
sudo mkdir -p /var/lib/meilisearch/data /var/lib/meilisearch/dumps /var/lib/meilisearch/snapshots
sudo chown -R meilisearch:meilisearch /var/lib/meilisearch
sudo chmod 750 /var/lib/meilisearch
For production workloads, consider using an EBS volume for data storage. This allows for easy snapshots and volume resizing.
curl https://raw.githubusercontent.com/meilisearch/meilisearch/latest/config.toml | sudo tee /etc/meilisearch.toml > /dev/null
/etc/meilisearch.toml and update the following lines, replacing MASTER_KEY with a secure 16-byte string:
env = "production"
master_key = "MASTER_KEY"
db_path = "/var/lib/meilisearch/data"
dump_dir = "/var/lib/meilisearch/dumps"
snapshot_dir = "/var/lib/meilisearch/snapshots"
Step 4: Run Meilisearch as a service
Create a systemd service file to run Meilisearch as a background service:
sudo cat << EOF > /etc/systemd/system/meilisearch.service
[Unit]
Description=Meilisearch
After=systemd-user-sessions.service
[Service]
Type=simple
WorkingDirectory=/var/lib/meilisearch
ExecStart=/usr/local/bin/meilisearch --config-file-path /etc/meilisearch.toml
User=meilisearch
Group=meilisearch
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable meilisearch
sudo systemctl start meilisearch
sudo systemctl status meilisearch
Step 5: Secure and finish your setup
Ensure your EC2 security group allows:
- Port 22 for SSH access
- Port 80 for HTTP traffic
- Port 443 for HTTPS traffic
You can configure this in the AWS Console under EC2 > Security Groups.
5.2. Set up a reverse proxy with Nginx
Install Nginx:
sudo apt install nginx -y
sudo yum install nginx -y
sudo rm -f /etc/nginx/sites-enabled/default 2>/dev/null || true
sudo tee /etc/nginx/conf.d/meilisearch.conf > /dev/null << EOF
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name your_domain;
location / {
proxy_pass http://localhost:7700;
}
}
EOF
your_domain with your actual domain name (or use _ as a catch-all if you don’t have one yet).
Enable and restart Nginx:
sudo systemctl enable nginx
sudo systemctl restart nginx
5.3. Enable HTTPS with Let’s Encrypt
Before enabling HTTPS, ensure you have a domain name pointing to your EC2 instance’s public IP address.
sudo apt install certbot python3-certbot-nginx -y
sudo yum install certbot python3-certbot-nginx -y
sudo certbot renew --dry-run
Conclusion
Your Meilisearch instance is now running on AWS EC2 with:
- A dedicated system user for security
- Automatic restart via systemd
- Nginx reverse proxy
- HTTPS encryption via Let’s Encrypt
For high-availability setups, consider using an Application Load Balancer (ALB) in front of multiple EC2 instances. 
