Overview

n8n is a powerful workflow automation platform that allows you to connect various services and applications to create automated workflows. This document covers the deployment and configuration of n8n using Docker Compose with Traefik as a reverse proxy.

Service Details

ComponentValue
URLhttps://automations.trymondo.com
Imagen8nio/n8n:1.88.0
Containern8n
DatabasePostgreSQL 17.4
Networkstraefik-net, n8n-net
Data Storage./data directory

Architecture

n8n is deployed as a multi-container application with the following components: 
                      ┌─────────────┐
                      │   Traefik   │
                      └──────┬──────┘
                             │ HTTPS

                      ┌──────────────┐
                      │     n8n      │
                      └──────┬───────┘


                      ┌──────────────┐
                      │  PostgreSQL  │
                      └──────────────┘
  • n8n: Main application container serving the workflow editor and execution engine
  • PostgreSQL: Database for storing workflows, credentials, and execution data

Prerequisites

  • Docker Engine (24.0+)
  • Docker Compose v2
  • Traefik reverse proxy configured and running
  • External networks: traefik-net and n8n-net
  • DNS configured for automations.trymondo.com
  • SMTP credentials for email notifications

Deployment Configuration

Environment Variables

Create a .env file with the following variables: 
# n8n Host Configuration
N8N_HOST=automations.trymondo.com

# Database Configuration
DB_POSTGRESDB_DATABASE=n8n
DB_POSTGRESDB_USER=n8n_user
DB_POSTGRESDB_PASSWORD=secure_password_here

# SMTP Configuration
N8N_SMTP_USER=your_smtp_username
N8N_SMTP_PASS=your_smtp_password

# Security Configuration
N8N_BASIC_AUTH_USER=admin_username
N8N_BASIC_AUTH_PASSWORD=secure_admin_password
N8N_ENCRYPTION_KEY=random_32_character_string
Generate a secure, random string for N8N_ENCRYPTION_KEY. This is used to encrypt credentials and sensitive data.
You can generate a secure random string with: bash openssl rand -hex 16

Docker Compose File

services:
  n8n:
    image: n8nio/n8n:1.88.0
    container_name: n8n
    restart: unless-stopped
    environment:
      - N8N_HOST=${N8N_HOST}
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - N8N_EDITOR_BASE_URL=https://${N8N_HOST}
      - WEBHOOK_URL=https://${N8N_HOST}
      - N8N_PATH=/
      - N8N_LISTEN_ADDRESS=0.0.0.0
      - N8N_PERSONALIZATION_ENABLED=true
      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=db
      - DB_POSTGRESDB_DATABASE=${DB_POSTGRESDB_DATABASE}
      - DB_POSTGRESDB_USER=${DB_POSTGRESDB_USER}
      - DB_POSTGRESDB_PASSWORD=${DB_POSTGRESDB_PASSWORD}
      - DB_POSTGRESDB_PORT=5432
      - DB_POSTGRESDB_SCHEMA=public
      - DB_POSTGRESDB_SSL_ENABLED=false
      - N8N_EMAIL_MODE=smtp
      - N8N_SMTP_HOST=smtp.mailersend.net
      - N8N_SMTP_PORT=587
      - N8N_SMTP_USER=${N8N_SMTP_USER}
      - N8N_SMTP_PASS=${N8N_SMTP_PASS}
      - N8N_SMTP_SENDER=info@trymondo.com
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=${N8N_BASIC_AUTH_USER}
      - N8N_BASIC_AUTH_PASSWORD=${N8N_BASIC_AUTH_PASSWORD}
      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
      - N8N_TRUST_PROXY=true
      - N8N_USE_X_FORWARDED_HOST=true
      - N8N_RUNNERS_ENABLED=true
      - EXECUTIONS_MODE=regular
      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none
      - EXECUTIONS_DATA_SAVE_ON_ERROR=all
      - EXECUTIONS_DATA_PRUNE=true
      - EXECUTIONS_DATA_MAX_AGE=336
      - N8N_LOG_LEVEL=info
      - N8N_LOG_OUTPUT=console
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
      - NODE_ENV=production
      - TZ=America/Denver
    volumes:
      - ./data:/home/node/.n8n
    depends_on:
      - db
    networks:
      - traefik-net
      - n8n-net
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.n8n.rule=Host(`automations.trymondo.com`)'
      - 'traefik.http.routers.n8n.entrypoints=websecure'
      - 'traefik.http.routers.n8n.tls.certresolver=production'
      - 'traefik.http.services.n8n.loadbalancer.server.port=5678'
      - 'traefik.http.services.n8n.loadbalancer.server.scheme=http'
      - 'traefik.http.routers.traefik.middlewares=rateLimit@file,secureHeaders@file'
      - 'traefik.docker.network=traefik-net'

  db:
    image: postgres:17.4
    container_name: n8n-db
    restart: unless-stopped
    environment:
      - POSTGRES_DB=${DB_POSTGRESDB_DATABASE}
      - POSTGRES_USER=${DB_POSTGRESDB_USER}
      - POSTGRES_PASSWORD=${DB_POSTGRESDB_PASSWORD}
    volumes:
      - ./db:/var/lib/postgresql/data
    networks:
      - n8n-net

networks:
  traefik-net:
    external: true
  n8n-net:
    external: true

Network Configuration

Before deployment, ensure the required networks exist: 
# Create external networks if they don't exist
docker network create n8n-net
docker network create traefik-net

Deployment Instructions

  1. Create the deployment directory structure: 
    mkdir -p /opt/apps/n8n/{data,db}
  2. Create the configuration files: 
    nano /opt/apps/n8n/.env
nano /opt/apps/n8n/docker-compose.yml
  3. Deploy the service: 
    cd /opt/apps/n8n
docker compose up -d
  4. Verify the services are running: 
    docker compose ps
  5. Access n8n at https://automations.trymondo.com and log in with the credentials specified in the .env file.

Traefik Integration

n8n is configured with the following Traefik settings:
  • Host Rule: automations.trymondo.com
  • Entrypoint: websecure (HTTPS)
  • TLS: Enabled with production certificate resolver
  • Backend Port: 5678
  • Middlewares: Rate limiting and secure headers

Configuration Highlights

Security Configuration

n8n is configured with several security features:
  • Basic Authentication: Requires username/password to access the UI
  • Encryption Key: All sensitive data is encrypted at rest
  • HTTPS: All traffic is encrypted via Traefik
  • Rate Limiting: Prevents brute force attacks

Workflow Execution Settings

The n8n instance is configured with the following execution settings:
  • Regular Execution Mode: Workflows run in the main process
  • Data Retention: Error execution data is saved, successful executions are not
  • Data Pruning: Old execution data is automatically removed after 336 hours (14 days)
  • Runners Enabled: Allows distributed workflow execution

Email Notifications

Email is configured using SMTP with the following settings:

Maintenance

Backup Strategy

Back up n8n regularly using the following commands: 
# Stop the services
cd /opt/apps/n8n
docker compose stop

# Backup the database
docker compose exec db pg_dump -U ${DB_POSTGRESDB_USER} ${DB_POSTGRESDB_DATABASE} > n8n_backup_$(date +%Y%m%d).sql

# Backup n8n data
tar -czf n8n_data_backup_$(date +%Y%m%d).tar.gz -C /opt/apps/n8n data

# Restart the services
docker compose start

Updates

To update n8n:
  1. Update the image tag in docker-compose.yml
  2. Apply the update: 
    cd /opt/apps/n8n
docker compose pull
docker compose up -d
  3. Check logs for any issues: 
    docker compose logs
Always back up your data before updating n8n to a new version.

Troubleshooting

Database Connection Issues

If n8n can’t connect to the database:
  1. Verify PostgreSQL container is running: 
    docker compose ps db
  2. Check database logs: 
    docker compose logs db
  3. Verify credentials in .env file match what n8n is using

Webhook Issues

If webhooks are not working correctly:
  1. Verify the webhook URL configuration: 
    docker compose exec n8n node -e "console.log(process.env.WEBHOOK_URL)"
  2. Check that the URL is accessible from the internet
  3. Verify Traefik is properly routing requests

Authentication Problems

If you’re having trouble logging in:
  1. Check the basic auth settings: 
    docker compose exec n8n node -e "console.log(process.env.N8N_BASIC_AUTH_ACTIVE)"
  2. Reset the admin password by updating the .env file and restarting the container

Example Workflows

Webflow Form to Mautic Integration

This workflow captures form submissions from Webflow and adds contacts to Mautic:
  1. Create a webhook node as the trigger
  2. Copy the webhook URL to your Webflow form’s action URL
  3. Add a Mautic node to create/update contacts
  4. Configure the mapping between Webflow form fields and Mautic contact fields

Daily Database Backup Notification

This workflow creates and notifies about database backups:
  1. Set up a Cron node to trigger daily at a specific time
  2. Add an Execute Command node to run pg_dump
  3. Add a Send Email node to notify about successful backups
  4. Add error handling to notify about failures

Security Considerations

  • Credential Storage: All API credentials are encrypted using the N8N_ENCRYPTION_KEY
  • Basic Authentication: The UI is protected with username/password
  • HTTPS: All traffic is encrypted via Traefik
  • Database Security: The PostgreSQL database is not exposed outside the Docker network
  • Execution Data: Only error execution data is saved to reduce sensitive data exposure

Additional Resources

Integration with Other Mondo Services

n8n can be integrated with other Mondo services:
  • Mautic: Use the Mautic nodes to manage contacts and campaigns
  • EspoCRM: Use HTTP Request nodes or custom nodes to interact with the CRM API
  • Gitea: Use Webhook triggers for repository events
  • Traefik: Ensure proper routing and HTTPS termination