The idea is:
Let the environment variables take effect on the n8n runners n8n-task-runners.json config.
- NODE_FUNCTION_ALLOW_BUILTIN
- NODE_FUNCTION_ALLOW_EXTERNAL
- N8N_RUNNERS_STDLIB_ALLOW
- N8N_RUNNERS_EXTERNAL_ALLOW
As others on Github and this Forum aleady pointed out: the environment variables xxxxxxx don’t get recognized from the n8n runners.
Ref: `N8N_RUNNERS_STDLIB_ALLOW` is not working in docker compose file
Ref: N8N_RUNNERS_STDLIB_ALLOW="*" has no effect · Issue #23120 · n8n-io/n8n · GitHub and many others.
My issue:
I really dislike the current solution.
Task runners | n8n Docs clearly states that we need to modify the n8n-task-runners.json file, yet I have operational doubts.
n8n-task-runners.json is quite extensive in contrast with the excerpt from the docs:
example from docs:
{
"task-runners": [
{
"runner-type": "javascript",
"env-overrides": {
"NODE_FUNCTION_ALLOW_BUILTIN": "crypto", // <-- allowlist Node.js builtin modules here
"NODE_FUNCTION_ALLOW_EXTERNAL": "moment,uuid", // <-- allowlist third-party JS packages here
}
},
{
"runner-type": "python",
"env-overrides": {
"PYTHONPATH": "/opt/runners/task-runner-python",
"N8N_RUNNERS_STDLIB_ALLOW": "json", // <-- allowlist Python standard library packages here
"N8N_RUNNERS_EXTERNAL_ALLOW": "numpy,pandas" // <-- allowlist third-party Python packages here
}
}
]
}
actual config file:
{
"task-runners": [
{
"runner-type": "javascript",
"workdir": "/home/runner",
"command": "/usr/local/bin/node",
"args": [
"--disallow-code-generation-from-strings",
"--disable-proto=delete",
"/opt/runners/task-runner-javascript/dist/start.js"
],
"health-check-server-port": "5681",
"allowed-env": [
"PATH",
"GENERIC_TIMEZONE",
"NODE_OPTIONS",
"N8N_RUNNERS_AUTO_SHUTDOWN_TIMEOUT",
"N8N_RUNNERS_TASK_TIMEOUT",
"N8N_RUNNERS_MAX_CONCURRENCY",
"N8N_SENTRY_DSN",
"N8N_VERSION",
"ENVIRONMENT",
"DEPLOYMENT_NAME",
"HOME"
],
"env-overrides": {
"NODE_FUNCTION_ALLOW_BUILTIN": "crypto",
"NODE_FUNCTION_ALLOW_EXTERNAL": "moment",
"N8N_RUNNERS_HEALTH_CHECK_SERVER_HOST": "0.0.0.0"
}
},
{
"runner-type": "python",
"workdir": "/home/runner",
"command": "/opt/runners/task-runner-python/.venv/bin/python",
"args": ["-m", "src.main"],
"health-check-server-port": "5682",
"allowed-env": [
"PATH",
"N8N_RUNNERS_LAUNCHER_LOG_LEVEL",
"N8N_RUNNERS_AUTO_SHUTDOWN_TIMEOUT",
"N8N_RUNNERS_TASK_TIMEOUT",
"N8N_RUNNERS_MAX_CONCURRENCY",
"N8N_SENTRY_DSN",
"N8N_VERSION",
"ENVIRONMENT",
"DEPLOYMENT_NAME"
],
"env-overrides": {
"PYTHONPATH": "/opt/runners/task-runner-python",
"N8N_RUNNERS_STDLIB_ALLOW": "",
"N8N_RUNNERS_EXTERNAL_ALLOW": ""
}
}
]
}
how we’re supposed to be safe to just extend the file with the allowed modules without missing future updates to the config?
I really would like to have a way to provide a extension file rather than replace the config entirely.
ref: Code block external modules not accepting env vars · Issue #20087 · n8n-io/n8n · GitHub
I think it would be beneficial to add this because:
because environment variables are here to augment/override configuration.
Please allow/enable this functionality again.