n8n

From KlavoWiki
Jump to navigationJump to search

Docker

  n8n:
    image: n8nio/n8n:latest
    container_name: n8n
    restart: unless-stopped
    user: "1000:1000"
    ports:
      - 5678:5678
    environment:
      - GENERIC_TIMEZONE=Australia/Brisbane
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=n8nuser
      - N8N_BASIC_AUTH_PASSWORD=your_strong_password
      - NODE_ENV=production
      - N8N_SECURE_COOKIE=true
      - N8N_EDITOR_BASE_URL=https://n8n.klaverstyn.com.au/
      - WEBHOOK_URL=https://n8n.klaverstyn.com.au/
      - N8N_RUNNERS_ENABLED=true
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
      - DB_TYPE=sqlite
      - DB_SQLITE_VACUUM_ON_STARTUP=true
      - N8N_METRICS=true
      - N8N_DEFAULT_BINARY_DATA_MODE=filesystem
      - EXECUTIONS_DATA_PRUNE=true
      - EXECUTIONS_DATA_MAX_AGE=168
    volumes:
      - ~/n8n:/home/node/.n8n

nginx

server {
    listen 10.13.13.242:80;
    listen [2403:580a:e75f:1::242]:80;

    server_name n8n.klaverstyn.com.au;

    # Redirect all HTTP traffic to HTTPS
    return 301 https://$host$request_uri;

    access_log /var/log/nginx/access_n8n.log;
    error_log /var/log/nginx/error_n8n.log;
}


server {
    listen 10.13.13.242:443 ssl;
    listen [2403:580a:e75f:1::242]:443 ssl;
    http2 on;

    server_name n8n.klaverstyn.com.au;

    access_log /var/log/nginx/access_n8n.log;
    error_log /var/log/nginx/error_n8n.log;


    ssl_certificate         /etc/letsencrypt/live/n8n.klaverstyn.com.au/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/n8n.klaverstyn.com.au/privkey.pem;

    client_max_body_size 350M;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "no-referrer-when-downgrade" always;
    add_header Permissions-Policy "geolocation=(), camera=(), microphone=()" always;


    if ($http_user_agent ~* (HTTrack|wget|curl|nikto|sqlmap)) {
        return 403;
    }

    location / {
        proxy_pass http://localhost:5678;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;

        proxy_redirect off;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
Retrieved from "https://klaverstyn.com.au/david/wiki/index.php?title=n8n&oldid=2685"