Created
April 22, 2023 17:59
-
-
Save PlugFox/51b1f6a7e33b1fb18dbc57e09cbc8e4d to your computer and use it in GitHub Desktop.
n8n docker stack with traefik
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.9' | |
# Free and open fair-code licensed node based Workflow Automation Tool. | |
# https://n8n.io/ | |
# https://hub.docker.com/r/n8nio/n8n | |
# https://docs.n8n.io/ | |
services: | |
n8n: | |
hostname: n8n | |
image: n8nio/n8n:latest | |
networks: | |
- public | |
#ports: | |
# - '5678:5678' | |
volumes: | |
- /etc/localtime:/etc/localtime:ro | |
- n8n-data:/home/node | |
- n8n-files:/files | |
environment: | |
- "TZ=UTC" | |
#- "GENERIC_TIMEZONE=Asia/Tbilisi" | |
#- "TZ=Asia/Tbilisi" | |
- "N8N_BASIC_AUTH_ACTIVE=false" | |
#- "N8N_BASIC_AUTH_USER=<USER>" | |
#- "N8N_BASIC_AUTH_PASSWORD=<PASSWORD>" | |
- "N8N_HOST=n8n.domain.tld" | |
- "N8N_PORT=5678" | |
- "N8N_PROTOCOL=https" | |
- "NODE_ENV=production" | |
- "WEBHOOK_URL=https://n8n.domain.tld/" | |
deploy: | |
mode: replicated | |
replicas: 1 | |
restart_policy: | |
condition: on-failure | |
placement: | |
constraints: | |
- node.role == manager | |
#resources: | |
# limits: | |
# cpus: '0.50' | |
# memory: 256M | |
# reservations: | |
# cpus: '0.25' | |
# memory: 128M | |
labels: | |
- org.label-schema.group=n8n | |
#################################################################### | |
# n8n Kuma dashboard | |
#################################################################### | |
# Labels for traefik https://doc.traefik.io/traefik/providers/docker/ | |
- "traefik.enable=true" | |
- "traefik.http.routers.n8n.tls=true" | |
- "traefik.http.routers.n8n.entrypoints=https" | |
- "traefik.http.routers.n8n.rule=Host(`n8n.domain.tld`)" | |
- "traefik.http.routers.n8n.tls.certresolver=le" | |
# Port traefik needs to route traffic to | |
- "traefik.http.routers.n8n.service=n8n" | |
- "traefik.http.services.n8n.loadbalancer.server.port=5678" | |
# Enable middlewares | |
- "traefik.http.routers.n8n.middlewares=n8n-headers@docker,n8n-ratelimit@docker" # n8n-auth@docker | |
# Middleware headers | |
- "traefik.http.middlewares.n8n-headers.headers.SSLRedirect=true" | |
- "traefik.http.middlewares.n8n-headers.headers.STSSeconds=315360000" | |
- "traefik.http.middlewares.n8n-headers.headers.browserXSSFilter=true" | |
- "traefik.http.middlewares.n8n-headers.headers.contentTypeNosniff=true" | |
- "traefik.http.middlewares.n8n-headers.headers.forceSTSHeader=true" | |
- "traefik.http.middlewares.n8n-headers.headers.SSLHost=n8n.domain.tld" | |
- "traefik.http.middlewares.n8n-headers.headers.STSIncludeSubdomains=true" | |
- "traefik.http.middlewares.n8n-headers.headers.STSPreload=true" | |
# Middleware rate limit | |
- "traefik.http.middlewares.n8n-ratelimit.ratelimit.average=100" | |
- "traefik.http.middlewares.n8n-ratelimit.ratelimit.burst=50" | |
# Middleware with HTTP Basic auth | |
# Basic password auth https://doc.traefik.io/traefik/middlewares/http/basicauth/ | |
#- "traefik.http.middlewares.n8n-auth.basicauth.usersfile=/run/secrets/traefik-passwords" | |
networks: | |
# Overlay network for containers that need to be accessible over the internet | |
public: | |
external: true | |
attachable: true | |
driver: overlay | |
volumes: | |
n8n-data: | |
n8n-files: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Replace domain.tld with your own domain