Set up server
First, set up your server at your favorite cloud provider of choise. Evt. Set up SSH keys, instead of root password authentication
Install Typesense
At the moment of writing, these are the install steps:
# x64
curl -O https://dl.typesense.org/releases/0.25.2/typesense-server-0.25.2-amd64.deb
sudo apt install ./typesense-server-0.25.2-amd64.deb
# arm64
curl -O https://dl.typesense.org/releases/0.25.2/typesense-server-0.25.2-arm64.deb
sudo apt install ./typesense-server-0.25.2-arm64.deb
# Start Typesense
sudo systemctl start typesense-server.service
You can find the most up-to-date steps here: https://typesense.org/docs/guide/install-typesense.html#deb-package-on-ubuntu-debian .
Link a domain via DNS to to IP of your server
Link to your domain via a DNS A record:
A yoursearchdomain.com IPOFYOURSERVER
Going live without an SSL certificate
You can get your API key from the file: /etc/typesense/typesense-server.ini . If necessary, you can adjust this key.
If you were to install Typesense in Laravel Scout, PHP, or another provider, it could already work now. When you use these variables in .env of in scout.php:
TYPESENSE_HOST=yoursearchdomain.com // or IPOFYOURSERVER
TYPESENSE_PORT=8108
TYPESENSE_PROTOCOL=http
TYPESENSE_API_KEY=YOURKEY
For example when you try Laravel Scout to import data it should work.
But, to make it more secure, it is better to use SSL to protect the data.
Install SSL with Certbot
At the moment, run:
sudo snap install core; sudo snap refresh core
# if you ran certbot before, uninstall it first (be aware of the fact that previous SSL certificates might go offline)
# sudo apt remove certbot
# enable port 443 if firewall is active
sudo ufw allow 443
# it could be that port 80 is also required for certbot
sudo ufw allow 80
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Thanks to Digital Ocean for the guide for installing Certbot in classic mode.
You will receive the certificate files as an output. For example:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/yourdomain.com/privkey.pem
...
Edit this file: /etc/typesense/typesense-server.ini and add the certificate locations:
ssl-certificate=/etc/letsencrypt/live/yourdomain.com/fullchain.pem
ssl-certificate-key=/etc/letsencrypt/live/yourdomain.com/privkey.pem
Change the following variable
api-port = 8108
To:
api-port = 443
Go to: https://yourdomain.com/health
It should display:
{"ok":true}
Set up Firewall
Try sudo ufw status. Probably it’s open for all traffic. Make sure that only a few ports are available, probably 443 and your ssh port (probably port 22) and if ufw is not enabled:
sudo ufw allow 443
sudo ufw allow 22 # or any other ssh port
Make sure that these ports are correct, it can disable access to your complete VPS / server. After that, enable the Firewall:
sudo ufw enable
Set up Typesense configuration file:
Select the latest Typesense version by the way, when setting up the server configuration. You can add extra parameters at the file: /etc/typesense/typesense-server.ini
.
https://typesense.org/docs/0.25.2/api/server-configuration.html
Set up CORS
You can also set up cors-domains, so that javascript calls are only allowed from certain domains in /etc/typesense/typesense-server.ini
:
enable-cors=true
cors-domains=https://yourdomain1.com,https://yourdomain2.com
Optional: create a regular backup
For example, you can create a snapshot every day and create a backup with tarsnap and acts.
Make a shell file named, make-snapshot.sh. Replace the variables and insert the URL (and port) of your Typesense instance and choose the right snapshot path.
#!/bin/bash
curl "http://localhost:8108/operations/snapshot?snapshot_path=/tmp/typesense-data-snapshot" -X POST \
-H "Content-Type: application/json" \
-H "X-TYPESENSE-API-KEY: ${TYPESENSE_API_KEY}"
Make sure that it’s chmodded correctly.
Then make sure that the contents of this directory is backed up frequency
More info at: https://typesense.org/docs/guide/backups.html .
Optional: Install a monitoring server or hosting package for monitoring the server
We just launched an own simple package, called PHPTypesenseAdmin, which monitors your newly created instance via a simple web interface on PHP.
More useful guides:
- Setting up Typesense via a Docker Image: ServiceStack guide
- Create PHPTypesenseAdmin for monitoring some variables