#community-help

Typesense Production Architecture and Security Question

TLDR bnfd asked about Typesense production architecture and security. Kishore Nallan recommended not using it as a primary datastore and provided security advice.

29mo

Join the chat

Aug 25, 2021 (29 months ago)

Photo of md5-ca6495d5be926db80e09aabf066f4b8b

bnfd

02:54 PM

What is the recommended architecture for running typesense in production? Should we use postgres (or something similar) as primary datastore and sync the updates to typesense?

Photo of md5-4e872368b2b2668460205b409e95c2ea

Kishore Nallan

02:55 PM

Yes, Typesense is not meant to be used as a primary datastore. Depending on how often your data changes you can do daily dumps or streaming updates.

bnfd

03:05 PM

Thanks!

03:08

bnfd

03:08 PM

What about security hardening? In a use case where there are multiple collections, multiple users, user1 should only have access to user1 documents, user2 only user2 documents etc. I'm thinking reverse proxy with nginx + SSL + scoped keys. Is there anything else that's recommended?

Kishore Nallan

03:09 PM

Scoped keys will handle user-level access control well. Nginx is optional because Typesense uses a production grade HTTP server library (h2o) which is used by Fastly in their edge deployments, so it's battle tested.

bnfd

03:11 PM

as a means to not expose typesense directly

Kishore Nallan

03:12 PM

It's fine to expose directly.

Typesense

Lightning-fast, open source search engine for everyone | Knowledge Base powered by Struct.AI

Indexed 3015 threads (79% resolved)

Join Our Community

Similar Threads

Managing Typesense Across Large Datasets

Phillip inquired about best practices with Typesense for large datasets. Ross shared personal practices, and Jason confirmed Typesense isn't designed to be a primary datastore. Patrick shared a related discussion link. Viji mentioned using DynamoDB Streams as an option.

16mo

Misunderstanding Typesense and H2O Proxies

Daniel was confused about using H2O as a reverse proxy with Typesense. Jason clarified that H2O is not mandatory and that Typesense can be directly exposed to public traffic. Daniel decided to continue using NGINX.

26mo

Understanding Typesense's Functionality and Usage as a Search Engine

Tim asked about Typesense's function as a DB storage. Jason clarified Typesense functions primarily as a search engine and is not meant to be a primary data store. They also discussed data management strategies using Typesense. Joe provided further insight and recommended resources.

33mo