Prerequisites
Before starting, ensure you have:
- A server with Docker and Docker Compose installed
- Domain name
henrybroadway.compointing to your server's IP address - SSH access to your server
- Root or sudo privileges
- Vps Provider With Port 25 Open
- dartnode
- rarecloud
- Contabo.
- Ultahost
- Servebyte.
- OVH.
- Alexhost
- Knownhost
- Racknerd
- Turnkey internet.
- Vpsbg
- Hostwinds
Step 1: Install Docker and Docker Compose
If not already installed:
# Update system packages
sudo apt update && sudo apt upgrade -y
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Add your user to docker group
sudo usermod -aG docker $USER
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
# Logout and login again to apply group changes
Step 2: Create Project Directory
# Create directory for n8n
mkdir ~/n8n-docker
cd ~/n8n-docker
Step 3: Create Docker Compose File
Create docker-compose.yml:
version: '3.8'
services:
traefik:
image: traefik:v2.9
restart: always
command:
- --api=true
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.websecure.address=:443
- --entrypoints.web.address=:80
- --certificatesresolvers.mytlschallenge.acme.tlschallenge=true
- --certificatesresolvers.mytlschallenge.acme.email=${ACME_EMAIL}
- --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json
# Redirect HTTP to HTTPS
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
ports:
- "80:80"
- "443:443"
volumes:
- ${PWD}/letsencrypt:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
n8n:
image: docker.n8n.io/n8nio/n8n
restart: always
environment:
- N8N_HOST=henrybroadway.com
- N8N_PORT=5678
- N8N_PROTOCOL=https
- NODE_ENV=production
- WEBHOOK_URL=https://henrybroadway.com/
- GENERIC_TIMEZONE=UTC
- N8N_BASIC_AUTH_ACTIVE=${N8N_BASIC_AUTH_ACTIVE}
- N8N_BASIC_AUTH_USER=${N8N_BASIC_AUTH_USER}
- N8N_BASIC_AUTH_PASSWORD=${N8N_BASIC_AUTH_PASSWORD}
labels:
- traefik.enable=true
- traefik.http.routers.n8n.rule=Host(`henrybroadway.com`)
- traefik.http.routers.n8n.tls=true
- traefik.http.routers.n8n.entrypoints=websecure
- traefik.http.routers.n8n.tls.certresolver=mytlschallenge
- traefik.http.middlewares.n8n.headers.SSLRedirect=true
- traefik.http.middlewares.n8n.headers.STSSeconds=315360000
- traefik.http.middlewares.n8n.headers.browserXSSFilter=true
- traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
- traefik.http.middlewares.n8n.headers.forceSTSHeader=true
- traefik.http.middlewares.n8n.headers.SSLHost=henrybroadway.com
- traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
- traefik.http.middlewares.n8n.headers.STSPreload=true
- traefik.http.routers.n8n.middlewares=n8n@docker
volumes:
- ${PWD}/.n8n:/home/node/.n8n
depends_on:
- traefikStep 4: Configure Environment Variables
Create .env file:
# Replace with your actual email
[email protected]
N8N_BASIC_AUTH_ACTIVE=true
N8N_BASIC_AUTH_USER=admin
N8N_BASIC_AUTH_PASSWORD=MySecure123Pass!
Step 5: Create Required Directories
# Create directories for persistent data
mkdir -p .n8n
mkdir -p letsencrypt
# Set proper permissions
chmod 600 letsencrypt
# Fix permissions
sudo chown -R 1000:1000 .n8n/
sudo chmod -R 755 .n8n/
Step 6: Verify DNS Configuration
Ensure your domain points to your server:
# Check DNS resolution
nslookup henrybroadway.com
dig henrybroadway.com
# Should return your server's IP address
Step 7: Start the Services
# Start all services
docker-compose up -d
# Check if containers are running
docker-compose ps
# View logs
docker-compose logs -f
Step 8: Verify Installation
- Check container status:
docker-compose ps - Monitor logs:
# Watch all logs docker-compose logs -f # Watch only n8n logs docker-compose logs -f n8n - Test SSL certificate:
curl -I https://henrybroadway.com
Step 9: Access n8n
- Open your browser and navigate to:
https://henrybroadway.com - You'll be prompted for basic authentication (if configured)
- Complete the n8n setup wizard
Post-Installation Configuration
Security Hardening
- Change default passwords in
.envfile - Configure firewall:
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 5678/tcp
sudo ufw enable
sudo ufw enable
ufw reload
ufw statusBackup Configuration
Create a backup script backup.sh:
#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
tar -czf "n8n_backup_$DATE.tar.gz" .n8n/
echo "Backup created: n8n_backup_$DATE.tar.gz"
Useful Management Commands
# Stop services
docker-compose down
# Update n8n to latest version
docker-compose pull
docker-compose up -d
# View real-time logs
docker-compose logs -f
# Access n8n container shell
docker-compose exec n8n /bin/sh
# Restart specific service
docker-compose restart n8n
Troubleshooting
Common Issues
- SSL Certificate Issues:
# Check certificate status docker-compose logs traefik | grep certificate # Restart traefik docker-compose restart traefik - Permission Issues:
# Fix n8n data permissions sudo chown -R 1000:1000 .n8n/ - Port Conflicts:
# Check what's using port 80/443 sudo netstat -tulnp | grep :80 sudo netstat -tulnp | grep :443 - DNS Issues:
# Verify DNS propagation dig henrybroadway.com @8.8.8.8
Log Locations
- Traefik logs:
docker-compose logs traefik - n8n logs:
docker-compose logs n8n - Let's Encrypt certificates:
./letsencrypt/acme.json
Next Steps
Once n8n is running:
- Complete the initial setup wizard
- Configure your first workflow
- Set up regular backups
- Consider setting up monitoring
- Review security settings
Your n8n installation should now be accessible at https://henrybroadway.com with automatic SSL certificates via Let's Encrypt!
