Hello everyone!
I’ve managed to get n8n working flawlessly on a public IP address, but for security policy reasons, we would be better off keeping the n8n instance inside a private network, only accessible through a VPN. I’ve changed the DNS record, pointing to the instance’s private IP address, but it looks like Traefik isn’t redirecting the traffic to port 80. The only way I can access n8n’s start page is by pointing to port 80.
https://n8n.giacomocolonetti.com hangs on loading
https://n8n.giacomocolonetti.com:80 works fine
Could it be a Traefik-related problem? Or something on Docker’s side?
It is worth mentioning that I have a custom docker daemon configuration to avoid networking conflicts. Here’s my /etc/docker/daemon.json file:
    {
      "live-restore": true,
      "bip": "10.10.0.1/16",
      "default-address-pools": [{
        "base": "10.0.0.0/8",
        "size": 16
      }]
    }
Logs from Traefik’s container seem to point to an error due to Let’s Encrypt servers not being able to reach and verify the IP address in the DNS record, which is expected since it is a private IP:
time="2023-12-01T09:56:38Z" level=info msg="Configuration loaded from flags."
time="2023-12-01T09:56:47Z" level=error msg="Unable to obtain ACME certificate for domains \"n8n.giacomocolonetti.com\": unable to generate a certificate for the domains [n8n.giacomocolonetti.com]: error: one or more domains had a problem:\n[n8n.giacomocolonetti.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for n8n.giacomocolonetti.com - the domain's nameservers may be malfunctioning; no valid AAAA records found for n8n.giacomocolonetti.com\n" ACME CA="https://acme-v02.api.letsencrypt.org/directory" rule="Host(`n8n.giacomocolonetti.com`)" routerName=n8n@docker providerName=mytlschallenge.acme
Information on your n8n setup
- n8n version: latest
- Database (default: SQLite): default
- Running n8n via (Docker, npm, n8n cloud, desktop app): docker
- Operating system: Amazon Linux 2023
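
A small triage helper for the Traefik log line quoted above, added here as an example and not part of the original post: it extracts the ACME problem type from the error and reports whether an address is globally routable. The function names, the shortened sample line and the sample addresses are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: a shortened form of the Traefik error line quoted in the post.
SAMPLE_LOG = (
    'time="2023-12-01T09:56:47Z" level=error msg="Unable to obtain ACME certificate '
    'for domains \\"n8n.giacomocolonetti.com\\": ... acme: error: 400 :: '
    'urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for '
    'n8n.giacomocolonetti.com" routerName=n8n@docker providerName=mytlschallenge.acme'
)

# Meaning of a few ACME problem types, as described in RFC 8555 section 6.7.
ACME_TYPES = {
    "dns": "problem with a DNS query during identifier validation",
    "connection": "the CA could not connect to the validation target",
    "tls": "the CA received a TLS error during validation",
    "unauthorized": "the client lacks sufficient authorization",
    "rateLimited": "the request exceeds a rate limit",
}

ACME_ERR = re.compile(
    r'acme: error: (?P<status>\d+) :: '
    r'urn:ietf:params:acme:error:(?P<type>[A-Za-z]+) :: (?P<detail>[^"\\]+)'
)
ROUTER = re.compile(r'routerName=(\S+)')


def parse_acme_error(line):
    """Return status, problem type, meaning, detail and router, or None."""
    m = ACME_ERR.search(line)
    if m is None:
        return None
    router = ROUTER.search(line)
    return {
        "status": int(m.group("status")),
        "type": m.group("type"),
        "meaning": ACME_TYPES.get(m.group("type"), "see RFC 8555 section 6.7"),
        "detail": m.group("detail").strip(),
        "router": router.group(1) if router else None,
    }


def reachable_by_public_ca(addr):
    """A public CA can only validate against a globally routable address."""
    return ipaddress.ip_address(addr).is_global


if __name__ == "__main__":
    print(parse_acme_error(SAMPLE_LOG))
    print(reachable_by_public_ca("10.10.0.5"))  # constructed private address
```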