Typesense is a fast, typo-tolerant search engine that is easy to set up and use. In this tutorial, we will set up Typesense on a VPS and configure it to use SSL certificates. We will use a cheap VPS from Hetzner, but you can use any VPS provider that you prefer.
Before we start, you will need the following:
After your server is spun up, SSH into it and run the following commands:
Make sure to check the official documentation for the latest version of Typesense.
# Update the package list and the packagesapt update && apt upgrade -y # Install Typesense# x64curl -O https://dl.typesense.org/releases/26.0/typesense-server-26.0-linux-amd64.tar.gztar -xzf typesense-server-26.0-linux-amd64.tar.gz # arm64curl -O https://dl.typesense.org/releases/26.0/typesense-server-26.0-linux-arm64.tar.gztar -xzf typesense-server-26.0-linux-arm64.tar.gz
Before proceeding, make sure that your domain is pointing to your VPS.
To set up SSL, we will use Certbot to generate SSL certificates for our domain. Run the following commands:
apt install snapdsnap install core && snap refresh coresnap install --classic certbotcertbot certonly --standalone -d your.domain.example.com
This will also set up auto renewal of your certificates. To make sure that Typesense will use the new certificates you will need to restart the service when the certificates have been renewed.
With your preferred text editor, open the Certbot renewal configuration file /etc/letsencrypt/renewal/your.domain.example.com.conf
.
Add the following line to the file:
renew_hook = systemctl reload typesense-server.service
Open the Typesense configuration file /etc/typesense/typesense-server.ini
with your preferred text editor and change the lines with the comments. All other lines can be left as they are.
[server] api-address = 0.0.0.0api-port = 443 # Adjust the portapi-key = api-key # Set a secure API Keylog-dir = /var/log/typesensessl-certificate = /etc/letsencrypt/live/your.domain.example.com/fullchain.pem # Path to the SSL certificatessl-certificate-key = /etc/letsencrypt/live/your.domain.example.com/privkey.pem # Path to the SSL certificate key
As a security measure, you should adjust the firewall to only allow incoming traffic on the ports you need. Run the following commands:
ufw allow 443ufw allow 80ufw allow 22ufw enable
This ensures, that only traffic from these ports are allowed.
You are now ready to start Typesense!
Run the command below to start Typesense:
systemctl start typesense-server.service
You may check if everything worked by opening the health check URL in your browser: https://your.domain.example.com/health
.
If everything worked, you should see a JSON response like this:
{ "ok": true}
I hope this post helped you! If you have any questions, hit me up on X 😊.