Last active
January 13, 2022 10:15
-
-
Save ctrl-freak/9939f113fd7f33868a0bbefb3b45513d to your computer and use it in GitHub Desktop.
Install n8n.io and PostgreSQL on Docker on Oracle Cloud Ubuntu, protected by Auth0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a string of commands, not a developed script. | |
# Set a password to be used for the PostgreSQL authentication | |
POSTGRES_USER='n8n' | |
POSTGRES_PASSWORD='' | |
# Create Instance | |
# Attach Block Storage | |
# Add a public IP to the NIC | |
# Edit the Instance > Virtual Cloud Network > Security Lists > Default Security Lists | |
# Add ingress rules for port 80 and 443 | |
# May want to open 5678 for testing | |
sudo -s | |
# Format Block Storage | |
fdisk -l | |
fdisk /dev/sdb | |
mkfs.ext4 /dev/sdb1 | |
vim /etc/fstab | |
mount /data | |
# Create small swap, swappiness=1 | |
# free -h | |
sudo fallocate -l 1G /swapfile | |
sudo chmod 600 /swapfile | |
sudo mkswap /swapfile | |
sudo swapon /swapfile | |
# sudo swapon --show | |
# free -h | |
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab | |
# cat /etc/fstab | |
# cat /proc/sys/vm/swappiness | |
sudo sysctl vm.swappiness=1 | |
echo 'vm.swappiness=1' | sudo tee -a /etc/sysctl.conf | |
# Disable services and clear iptables | |
update-rc.d nfs-common disable | |
update-rc.d rpcbind disable | |
systemctl stop rpcbind | |
systemctl stop nfs-common | |
# Back up rules | |
iptables-save > ~/iptables-rules | |
iptables -P INPUT ACCEPT | |
iptables -P OUTPUT ACCEPT | |
iptables -P FORWARD ACCEPT | |
iptables -F | |
apt update | |
apt upgrade | |
apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common vim -y | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
apt-key fingerprint 0EBFCD88 | |
apt-get update | |
apt-get install docker-ce docker-ce-cli containerd.io -y | |
groupadd docker | |
sudo usermod -aG docker $USER | |
docker network create -d bridge internal | |
# PostgrSQL 11.5 is required, otherwise a missing column error occurs | |
docker run --name postgres -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD -e POSTGRES_USER=$POSTGRES_USER -v /data/postgres-n8n:/var/lib/postgresql/data -d postgres:11.5 -c 'listen_addresses="*"' --network internal | |
docker run --name n8n -d -p 5678:5678 -v /data/n8n:/root/.n8n -e DB_TYPE=postgresdb -e DB_POSTGRESDB_DATABASE=$POSTGRES_USER -e DB_POSTGRESDB_HOST=postgres -e DB_POSTGRESDB_PORT=5432 -e DB_POSTGRESDB_USER=$POSTGRES_USER -e DB_POSTGRESDB_PASSWORD=$POSTGRES_PASSWORD n8nio/n8n | |
# Confirm both containers showing on internal network | |
docker network inspect internal | |
# Can test on port 5678 at this point | |
# Set up reverse proxy with SSL | |
apt install apache2 libapache2-mod-auth-openidc libapache2-mod-proxy certbot -y | |
a2enmod proxy | |
a2enmod ssl | |
a2enmod proxy_http | |
a2enmod ext_filter | |
a2enmod substitute | |
systemctl restart apache2 | |
cd /etc/apache2/sites-available/ | |
cp 000-default.conf reverse-proxy.conf | |
# Edit conf file, set up Auth0 attributes and AuthType Require | |
vim reverse-proxy.conf | |
# OIDCProviderMetadataURL | |
# OIDCProviderAuthorizationEndpoint | |
# OIDCClientID | |
# OIDCClientSecret | |
# OIDCScope "openid email profile" | |
# OIDCRedirectURI https:// | |
# OIDCCryptoPassphrase abc123def456 | |
# OIDCCookiePath / | |
# OIDCSessionInactivityTimeout 28800 | |
# | |
# <Location /> | |
# AuthType openid-connect | |
# Require valid-user | |
# </Location> | |
# | |
# LimitRequestFieldSize 16380 | |
# ProxyPass / http://localhost:5678/ | |
# ProxyPassReverse / http://localhost:5678/ | |
a2ensite reverse-proxy.conf | |
certbot | |
# Still issues with sessions being remembered, HTTP 400 after a period of inactivity | |
# Have tried: | |
# sudo a2enmod session_cookie | |
# Session On | |
# SessionCookieName session path=/ | |
# LimitRequestFieldSize 16380 | |
# OIDCSessionInactivityTimeout 28800 | |
# Fixed, but unsure what did it |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment