MeiliSearch is a powerful, fast, and easy-to-use search engine, perfect for developers who want to implement search functionality into their applications. In this blog post, we will walk you through the process of deploying MeiliSearch with SSL encryption using Docker Compose and Nginx as a reverse proxy. This setup ensures a secure connection between your users and your MeiliSearch instance.

Prerequisites

Before you begin, make sure you have the following tools installed on your system:

Docker: Ensure Docker is installed and running on your machine. You can follow the installation guide on the official Docker website.

Docker Compose: Make sure Docker Compose is installed. You can find installation instructions on the official Docker Compose website.

OpenSSL: Required for generating SSL certificates. You can install OpenSSL through your package manager or download it from the official OpenSSL website.

Configuration

Create a docker-compose.yml file in your project directory and copy the following content:

version: '3.8'

services:
  meilisearch:
    image: getmeili/meilisearch:v1.1
    restart: always
    ports:
      - '7700:7700'
    environment:
      - MEILI_MASTER_KEY=key
    volumes:
      - meili_data:/meili_data

  nginx:
    image: nginx:stable-alpine
    restart: always
    ports:
      - '80:80'
      - '443:443'
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - /home/ubuntu/cert.pem:/etc/nginx/certs/fullchain.pem
      - /home/ubuntu/key.pem:/etc/nginx/certs/privkey.pem
    depends_on:
      - meilisearch

volumes:
  meili_data:

This configuration file sets up two services: MeiliSearch and Nginx.

MeiliSearch service:

Uses the MeiliSearch image (v1.1). Automatically restarts if it stops. Maps the container port 7700 to the host port 7700. Sets the environment variable MEILI_MASTER_KEY to "key". Persists the MeiliSearch data to a named volume meili_data.

Nginx service:

Uses the Nginx stable-alpine image. Automatically restarts if it stops. Maps container ports 80 and 443 to host ports 80 and 443, respectively. Mounts the Nginx configuration file and SSL certificate files. Specifies a dependency on the MeiliSearch service. Now, create an nginx.conf file in your project directory and paste the following content:

openssl rand -hex 16

# openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj "/CN=yourdomainname" -nodes # events { # worker_connections 1024; # } # http { # server { # listen 80; # server_name yourdomainname; # return 301 https://$host$request_uri; # } # server { # listen 443 ssl; # server_name yourdomainname; # ssl_certificate /etc/nginx/certs/fullchain.pem; # ssl_certificate_key /etc/nginx/certs/privkey.pem; # ssl_protocols TLSv1.2 TLSv1.3; # ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384'; # location / { # proxy_pass http://meilisearch:7700; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto $scheme; # } # } # }