Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- linux:n8n:installation_compose [2023/08/06 20:13] – [4.2 DNS-01 Challenge (Alternative TLS Ports)] psycore
+++ linux:n8n:installation_compose [2024/01/13 22:45] (aktuell) – gelöscht psycore
@@ Zeile 1: / Zeile 1: @@
-====== n8n Installation mit Docker Compose ======
-n8n Installation mit Docker Compose, Let's Encrypt [[wpde>SSL]] Zertifikat und Basic Auth. Bei Systemen, die nicht direkt im Internet erreichbar sind, kann auch die [[linux:n8n:installation|HTTP Methode gewählt werden]] (dennoch nicht zu empfehlen).
-===== 1. Docker Installation (Debian) =====
-==== 1.1 alte Versionen deinstallieren ====
-<code bash>
-sudo apt-get remove docker docker-engine docker.io containerd runc
-</code>
-==== 1.2 Repo Installation ====
-=== 1.2.1 Update apt und HTTPS aktivieren ===
-<code bash>
- sudo apt-get update
- sudo apt-get install \
-    ca-certificates \
-    curl \
-    gnupg \
-    lsb-release
-sudo mkdir -m 0755 -p /etc/apt/keyrings
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-echo \
-  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
-  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-  </code>
-=== 1.2.2 Docker GPG Key hinzufügen ===
-<code bash>
-sudo mkdir -m 0755 -p /etc/apt/keyrings
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-</code>
-=== 1.2.3 Repo Setup ===
-<code bash>
-echo \
-  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
-  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-</code>
-==== 1.3 Docker Engine installieren ====
-<code bash>
-sudo apt-get update
-sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
-</code>
-===== 2. Docker Compose installieren =====
-<code bash>
-sudo apt-get install docker-compose-plugin
-</code>
-===== 3. DNS Eintrag =====
-<code bash>
-Type: A
-Name: n8n
-IP address: <IP_OF_YOUR_SERVER>
-</code>
-===== 4. Docker Compose Datei erstellen =====
-<code>/somedirectory/docker-compose.yml</code>
-==== 4.1 HTTP-01 Challenge (Standard TLS Port 443) ====
-<hidden>
-<code bash>
-version: "3"
-services:
-  traefik:
-    image: "traefik"
-    restart: always
-    command:
-      - "--api=true"
-      - "--api.insecure=true"
-      - "--providers.docker=true"
-      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
-      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
-      - "--entrypoints.websecure.address=:443"
-      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
-      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
-      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-  n8n:
-    image: n8nio/n8n
-    restart: always
-    ports:
-      - "127.0.0.1:5678:5678"
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
-      - traefik.http.routers.n8n.tls=true
-      - traefik.http.routers.n8n.entrypoints=web,websecure
-      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
-      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
-      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
-      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
-      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
-      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
-      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
-      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
-      - traefik.http.middlewares.n8n.headers.STSPreload=true
-      - traefik.http.routers.n8n.middlewares=n8n@docker
-    environment:
-      - N8N_BASIC_AUTH_ACTIVE=true
-      - N8N_BASIC_AUTH_USER
-      - N8N_BASIC_AUTH_PASSWORD
-      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
-      - N8N_PORT=5678
-      - N8N_PROTOCOL=https
-      - NODE_ENV=production
-      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
-      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
-      # this section reduces the database size and speed up performance, disable for debug
-      - EXECUTIONS_DATA_SAVE_ON_ERROR=all
-      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none
-      - EXECUTIONS_DATA_SAVE_ON_PROGRESS=true
-      - EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=false
-      - EXECUTIONS_DATA_PRUNE=true
-      - EXECUTIONS_DATA_MAX_AGE=336
-      - EXECUTIONS_DATA_PRUNE_MAX_COUNT=50000
-    volumes:
-      - ${DATA_FOLDER}/.n8n:/home/node/.n8n
-</code>
-</hidden>
-==== 4.2 DNS-01 Challenge (Alternative TLS Ports) ====
-Hier muss der [[wpde>DNS]] Provider entsprechend angepasst werden.
-<hidden>
-<code bash>
-version: "3"
-services:
-  traefik:
-    image: "traefik"
-    restart: always
-    command:
-      #- "--log.level=DEBUG"
-      - "--api=true"
-      - "--api.insecure=true"
-      - "--providers.docker=true"
-      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
-      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
-      - "--entrypoints.websecure.address=:12345"
-      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
-      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=netcup"
-      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
-      - "--certificatesresolvers.myresolver.acme.email=postmaster@example.com"
-      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
-    ports:
-      - "8081:80"
-      - "12345:12345"
-    environment:
-      - "NETCUP_CUSTOMER_NUMBER=<CNR>"
-      - "NETCUP_API_KEY=<API-KEY>"
-      - "NETCUP_API_PASSWORD=<API-PASS>"
-      - "NETCUP_PROPAGATION_TIMEOUT=15m"
-      - "NETCUP_TTL=3600"
-    volumes:
-      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-  n8n:
-    image: n8nio/n8n
-    restart: always
-    ports:
-      - "127.0.0.1:5678:5678"
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
-      - traefik.http.routers.n8n.tls=true
-      - traefik.http.routers.n8n.entrypoints=web,websecure
-      - traefik.http.routers.n8n.tls.certresolver=myresolver
-      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
-      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
-      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
-      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
-      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
-      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
-      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
-      - traefik.http.middlewares.n8n.headers.STSPreload=true
-      - traefik.http.routers.n8n.middlewares=n8n@docker
-    environment:
-      - N8N_BASIC_AUTH_ACTIVE=true
-      - N8N_BASIC_AUTH_USER
-      - N8N_BASIC_AUTH_PASSWORD
-      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
-      - N8N_PORT=5678
-      - N8N_PROTOCOL=https
-      - NODE_ENV=production
-      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}:12345/
-      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
-      # this section reduces the database size and speed up performance, disable for debug
-      - EXECUTIONS_DATA_SAVE_ON_ERROR=all
-      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none
-      - EXECUTIONS_DATA_SAVE_ON_PROGRESS=true
-      - EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=false
-      - EXECUTIONS_DATA_PRUNE=true
-      - EXECUTIONS_DATA_MAX_AGE=336
-      - EXECUTIONS_DATA_PRUNE_MAX_COUNT=50000
-      - DB_SQLITE_VACUUM_ON_STARTUP=true
-      #- N8N_LOG_LEVEL=debug
-      #- N8N_LOG_OUTPUT=console
-    volumes:
-      - ${DATA_FOLDER}/.n8n:/home/node/.n8n
-</code>
-</hidden>
-===== 5. .env Datei erstellen =====
-<code>/somedirectory/n8n/.env</code>
-<code bash>
-# Folder where data should be saved
-DATA_FOLDER=/root/n8n/
-# The top level domain to serve from
-DOMAIN_NAME=example.com
-# The subdomain to serve from
-SUBDOMAIN=n8n
-# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from
-# above example would result in: https://n8n.example.com
-# The user name to use for authentication - IMPORTANT ALWAYS CHANGE!
-N8N_BASIC_AUTH_USER=user
-# The password to use for authentication - IMPORTANT ALWAYS CHANGE!
-N8N_BASIC_AUTH_PASSWORD=password
-# Optional timezone to set which gets used by Cron-Node by default
-# If not set New York time will be used
-GENERIC_TIMEZONE=Europe/Berlin
-# The email address to use for the SSL certificate creation
-SSL_EMAIL=user@example.com
-</code>
-===== 6. Daten Verzeichnis erstellen =====
-<code bash>
-mkdir /somedirectory/n8n
-</code>
-===== 7. Starten und Stoppen =====
-==== 7.1 Start ====
-<code bash>
-sudo docker compose up -d
-</code>
-=== 7.1.1 Start mit Ausgabe ===
-<code bash>
-sudo docker compose up
-</code>
-==== 7.2 Stopp ====
-<code bash>
-sudo docker compose stop
-</code>
-===== 8. Update =====
-==== 8.1 Image aktualisieren ====
-<code bash>
-docker pull n8nio/n8n
-</code>
-==== 8.2 Neustart ====
-<code bash>
-# Stop current setup
-sudo docker compose stop
-# Delete it (will only delete the docker-containers, data is stored separately)
-sudo docker compose rm
-# Then start it again, in ingteractive mode to check for errors
-sudo docker compose up
-</code>
-Wenn alles fehlerfrei läuft, den Prozess mit STRG+C beenden und im Daemon Modus starten
-<code bash>
-sudo docker compose up -d
-</code>