This tutorial will guide you through setting up a production-ready Meilisearch instance on Google Cloud Platform (GCP) using a Compute Engine virtual machine.
Meilisearch Cloud is the recommended way to run Meilisearch in production environments. Prerequisites
- A Google Cloud account with billing enabled
- A Compute Engine VM running Debian 12 or Ubuntu 22.04 LTS
- An SSH key pair or access via Google Cloud Console SSH
- Firewall rules allowing inbound traffic on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS)
Step 1: Install Meilisearch
Connect to your VM via SSH (using the Google Cloud Console or gcloud CLI) and update the system:
sudo apt update && sudo apt upgrade -y
sudo apt install curl -y
curl -L https://install.meilisearch.com | sh
sudo mv ./meilisearch /usr/local/bin/
Step 2: Create system user
Create a dedicated user for running Meilisearch:
sudo useradd -d /var/lib/meilisearch -s /bin/false -m -r meilisearch
sudo chown meilisearch:meilisearch /usr/local/bin/meilisearch
Step 3: Create a configuration file
Create data directories for Meilisearch:
sudo mkdir -p /var/lib/meilisearch/data /var/lib/meilisearch/dumps /var/lib/meilisearch/snapshots
sudo chown -R meilisearch:meilisearch /var/lib/meilisearch
sudo chmod 750 /var/lib/meilisearch
For production workloads, consider attaching a persistent disk for data storage. This allows for easy snapshots and disk resizing independent of the VM.
curl https://raw.githubusercontent.com/meilisearch/meilisearch/latest/config.toml | sudo tee /etc/meilisearch.toml > /dev/null
/etc/meilisearch.toml and update these settings, replacing MASTER_KEY with a secure 16-byte string:
env = "production"
master_key = "MASTER_KEY"
db_path = "/var/lib/meilisearch/data"
dump_dir = "/var/lib/meilisearch/dumps"
snapshot_dir = "/var/lib/meilisearch/snapshots"
Step 4: Run Meilisearch as a service
Create a systemd service file:
sudo tee /etc/systemd/system/meilisearch.service > /dev/null << EOF
[Unit]
Description=Meilisearch
After=systemd-user-sessions.service
[Service]
Type=simple
WorkingDirectory=/var/lib/meilisearch
ExecStart=/usr/local/bin/meilisearch --config-file-path /etc/meilisearch.toml
User=meilisearch
Group=meilisearch
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable meilisearch
sudo systemctl start meilisearch
sudo systemctl status meilisearch
Step 5: Secure and finish your setup
In the Google Cloud Console, navigate to VPC Network > Firewall and ensure you have rules allowing:
- Port 22 for SSH access
- Port 80 for HTTP traffic
- Port 443 for HTTPS traffic
You can also use gcloud CLI:
gcloud compute firewall-rules create allow-http --allow tcp:80
gcloud compute firewall-rules create allow-https --allow tcp:443
5.2. Set up a reverse proxy with Nginx
Install Nginx:
sudo apt install nginx -y
sudo rm -f /etc/nginx/sites-enabled/default
sudo tee /etc/nginx/sites-enabled/meilisearch > /dev/null << EOF
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name your_domain;
location / {
proxy_pass http://localhost:7700;
}
}
EOF
your_domain with your actual domain name (or use _ as a catch-all if you don’t have one yet).
Restart Nginx:
sudo systemctl enable nginx
sudo systemctl restart nginx
5.3. Enable HTTPS with Let’s Encrypt
Before enabling HTTPS, ensure you have a domain name pointing to your VM’s external IP address. You can reserve a static IP in Google Cloud Console under VPC Network > External IP addresses.
sudo apt install certbot python3-certbot-nginx -y
sudo certbot renew --dry-run
Conclusion
Your Meilisearch instance is now running on Google Cloud with:
- A dedicated system user for security
- Automatic restart via systemd
- Nginx reverse proxy
- HTTPS encryption via Let’s Encrypt
For high-availability setups, consider using a managed instance group with a Cloud Load Balancer. 
