Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen RevisionVorhergehende Überarbeitung
linux:n8n:installation_compose [2024/01/12 22:20] – Externe Bearbeitung 127.0.0.1linux:n8n:installation_compose [2024/01/13 23:45] (aktuell) – gelöscht psycore
Zeile 1: Zeile 1:
-{{tag>deutsch startpage linux debian n8n tls}} 
-====== n8n Installation mit Docker Compose ====== 
  
-n8n Installation mit Docker Compose, Let's Encrypt [[wpde>SSL]] Zertifikat und Basic Auth. Bei Systemen, die nicht direkt im Internet erreichbar sind, kann auch die [[linux:n8n:installation|HTTP Methode gewählt werden]] (dennoch nicht zu empfehlen). 
- 
-===== 1. Docker Installation (Debian) ===== 
- 
-==== 1.1 alte Versionen deinstallieren ==== 
- 
-<code bash> 
-sudo apt-get remove docker docker-engine docker.io containerd runc 
-</code> 
- 
-==== 1.2 Repo Installation ==== 
- 
-=== 1.2.1 Update apt und HTTPS aktivieren === 
- 
-<code bash> 
- sudo apt-get update 
- 
- sudo apt-get install \ 
-    ca-certificates \ 
-    curl \ 
-    gnupg \ 
-    lsb-release 
-     
-sudo mkdir -m 0755 -p /etc/apt/keyrings 
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg 
-echo \ 
-  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ 
-  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 
-  </code> 
-   
-=== 1.2.2 Docker GPG Key hinzufügen === 
- 
-<code bash> 
-sudo mkdir -m 0755 -p /etc/apt/keyrings 
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg 
-</code> 
- 
-=== 1.2.3 Repo Setup === 
- 
-<code bash> 
-echo \ 
-  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ 
-  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 
-</code> 
- 
-==== 1.3 Docker Engine installieren ==== 
- 
-<code bash> 
-sudo apt-get update 
-sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin 
-</code> 
- 
-===== 2. Docker Compose installieren ===== 
- 
-<code bash> 
-sudo apt-get install docker-compose-plugin 
-</code> 
- 
-===== 3. DNS Eintrag ===== 
- 
-<code bash> 
-Type: A 
-Name: n8n 
-IP address: <IP_OF_YOUR_SERVER> 
-</code> 
- 
-===== 4. Docker Compose Datei erstellen ===== 
- 
-<code>/somedirectory/docker-compose.yml</code> 
- 
-==== 4.1 HTTP-01 Challenge (Standard TLS Port 443) ==== 
- 
-<hidden> 
-<code bash> 
-version: "3" 
- 
-services: 
-  traefik: 
-    image: "traefik" 
-    restart: always 
-    command: 
-      - "--api=true" 
-      - "--api.insecure=true" 
-      - "--providers.docker=true" 
-      - "--providers.docker.exposedbydefault=false" 
-      - "--entrypoints.web.address=:80" 
-      - "--entrypoints.web.http.redirections.entryPoint.to=websecure" 
-      - "--entrypoints.web.http.redirections.entrypoint.scheme=https" 
-      - "--entrypoints.websecure.address=:443" 
-      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" 
-      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}" 
-      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json" 
-    ports: 
-      - "80:80" 
-      - "443:443" 
-    volumes: 
-      - ${DATA_FOLDER}/letsencrypt:/letsencrypt 
-      - /var/run/docker.sock:/var/run/docker.sock:ro 
- 
-  n8n: 
-    image: n8nio/n8n 
-    restart: always 
-    ports: 
-      - "127.0.0.1:5678:5678" 
-    labels: 
-      - traefik.enable=true 
-      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`) 
-      - traefik.http.routers.n8n.tls=true 
-      - traefik.http.routers.n8n.entrypoints=web,websecure 
-      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge 
-      - traefik.http.middlewares.n8n.headers.SSLRedirect=true 
-      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000 
-      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true 
-      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true 
-      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true 
-      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME} 
-      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true 
-      - traefik.http.middlewares.n8n.headers.STSPreload=true 
-      - traefik.http.routers.n8n.middlewares=n8n@docker 
-    environment: 
-      - N8N_BASIC_AUTH_ACTIVE=true 
-      - N8N_BASIC_AUTH_USER 
-      - N8N_BASIC_AUTH_PASSWORD 
-      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME} 
-      - N8N_PORT=5678 
-      - N8N_PROTOCOL=https 
-      - NODE_ENV=production 
-      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/ 
-      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE} 
-      # this section reduces the database size and speed up performance, disable for debug 
-      - EXECUTIONS_DATA_SAVE_ON_ERROR=all 
-      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none 
-      - EXECUTIONS_DATA_SAVE_ON_PROGRESS=true 
-      - EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=false 
-      - EXECUTIONS_DATA_PRUNE=true 
-      - EXECUTIONS_DATA_MAX_AGE=336 
-      - EXECUTIONS_DATA_PRUNE_MAX_COUNT=50000 
-      - DB_SQLITE_VACUUM_ON_STARTUP=true 
-    volumes: 
-      - ${DATA_FOLDER}/.n8n:/home/node/.n8n 
-</code> 
-</hidden> 
- 
- 
- 
-==== 4.2 DNS-01 Challenge (Alternative TLS Ports) ==== 
- 
-Hier muss der [[wpde>DNS]] Provider entsprechend angepasst werden. 
- 
-<hidden> 
-<code bash> 
-version: "3" 
- 
-services: 
-  traefik: 
-    image: "traefik" 
-    restart: always 
-    command: 
-      #- "--log.level=DEBUG" 
-      - "--api=true" 
-      - "--api.insecure=true" 
-      - "--providers.docker=true" 
-      - "--providers.docker.exposedbydefault=false" 
-      - "--entrypoints.web.address=:80" 
-      - "--entrypoints.web.http.redirections.entryPoint.to=websecure" 
-      - "--entrypoints.web.http.redirections.entrypoint.scheme=https" 
-      - "--entrypoints.websecure.address=:12345" 
-      - "--certificatesresolvers.myresolver.acme.dnschallenge=true" 
-      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=netcup" 
-      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" 
-      - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com" 
-      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" 
-    ports: 
-      - "8081:80" 
-      - "12345:12345" 
-    environment: 
-      - "NETCUP_CUSTOMER_NUMBER=<CNR>" 
-      - "NETCUP_API_KEY=<API-KEY>" 
-      - "NETCUP_API_PASSWORD=<API-PASS>" 
-      - "NETCUP_PROPAGATION_TIMEOUT=15m" 
-      - "NETCUP_TTL=3600" 
-    volumes: 
-      - ${DATA_FOLDER}/letsencrypt:/letsencrypt 
-      - /var/run/docker.sock:/var/run/docker.sock:ro 
- 
-  n8n: 
-    image: n8nio/n8n 
-    restart: always 
-    ports: 
-      - "127.0.0.1:5678:5678" 
-    labels: 
-      - traefik.enable=true 
-      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`) 
-      - traefik.http.routers.n8n.tls=true 
-      - traefik.http.routers.n8n.entrypoints=web,websecure 
-      - traefik.http.routers.n8n.tls.certresolver=myresolver 
-      - traefik.http.middlewares.n8n.headers.SSLRedirect=true 
-      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000 
-      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true 
-      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true 
-      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true 
-      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME} 
-      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true 
-      - traefik.http.middlewares.n8n.headers.STSPreload=true 
-      - traefik.http.routers.n8n.middlewares=n8n@docker 
-    environment: 
-      - N8N_BASIC_AUTH_ACTIVE=true 
-      - N8N_BASIC_AUTH_USER 
-      - N8N_BASIC_AUTH_PASSWORD 
-      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME} 
-      - N8N_PORT=5678 
-      - N8N_PROTOCOL=https 
-      - NODE_ENV=production 
-      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}:12345/ 
-      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE} 
-      # this section reduces the database size and speed up performance, disable for debug 
-      - EXECUTIONS_DATA_SAVE_ON_ERROR=all 
-      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none 
-      - EXECUTIONS_DATA_SAVE_ON_PROGRESS=true 
-      - EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=false 
-      - EXECUTIONS_DATA_PRUNE=true 
-      - EXECUTIONS_DATA_MAX_AGE=336 
-      - EXECUTIONS_DATA_PRUNE_MAX_COUNT=50000 
-      - DB_SQLITE_VACUUM_ON_STARTUP=true 
-      #- N8N_LOG_LEVEL=debug 
-      #- N8N_LOG_OUTPUT=console 
-    volumes: 
-      - ${DATA_FOLDER}/.n8n:/home/node/.n8n 
-</code> 
-</hidden> 
- 
-===== 5. .env Datei erstellen ===== 
- 
-<code>/somedirectory/n8n/.env</code> 
- 
-<code bash> 
-# Folder where data should be saved 
-DATA_FOLDER=/root/n8n/ 
- 
-# The top level domain to serve from 
-DOMAIN_NAME=example.com 
- 
-# The subdomain to serve from 
-SUBDOMAIN=n8n 
- 
-# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from 
-# above example would result in: https://n8n.example.com 
- 
-# The user name to use for authentication - IMPORTANT ALWAYS CHANGE! 
-N8N_BASIC_AUTH_USER=user 
- 
-# The password to use for authentication - IMPORTANT ALWAYS CHANGE! 
-N8N_BASIC_AUTH_PASSWORD=password 
- 
-# Optional timezone to set which gets used by Cron-Node by default 
-# If not set New York time will be used 
-GENERIC_TIMEZONE=Europe/Berlin 
- 
-# The email address to use for the SSL certificate creation 
-SSL_EMAIL=user@example.com 
-</code> 
- 
-===== 6. Daten Verzeichnis erstellen ===== 
- 
-<code bash> 
-mkdir /somedirectory/n8n 
-</code> 
- 
-===== 7. Starten und Stoppen ===== 
- 
-==== 7.1 Start ==== 
- 
-<code bash> 
-sudo docker compose up -d 
-</code> 
- 
-=== 7.1.1 Start mit Ausgabe === 
- 
-<code bash> 
-sudo docker compose up 
-</code> 
- 
-==== 7.2 Stopp ==== 
- 
-<code bash> 
-sudo docker compose stop 
-</code> 
- 
-===== 8. Update ===== 
- 
-==== 8.1 Image aktualisieren ==== 
- 
-<code bash> 
-docker pull n8nio/n8n 
-</code> 
- 
-==== 8.2 Neustart ==== 
- 
-<code bash> 
-# Stop current setup 
-sudo docker compose stop 
-# Delete it (will only delete the docker-containers, data is stored separately) 
-sudo docker compose rm  
-# Then start it again, in ingteractive mode to check for errors 
-sudo docker compose up 
-</code> 
- 
-Wenn alles fehlerfrei läuft, den Prozess mit STRG+C beenden und im Daemon Modus starten 
- 
-<code bash> 
-sudo docker compose up -d 
-</code>