AWS Docker installation

With apologies, this is profoundly naive question, but I’m new to Docker… Be gentle…!

I’m following the server-setup instructions ( Server Setup | Docs ) and have spun up ec2 instance and installed docker and compose.

I’m a bit confused by step 4… I have an A record already added in the DNS for the instance (using route53), but I’m not sure where the record mentioned here needs to be added…

I think I understand it from that point on…

Any pointers in the right direction would be really appreciated!

Thanks in advance

Hey @Iain_Simons,

Welcome to the community! Glad you are here!

We like to say that there are no stupid questions, only bad documentation!

The DNS A record is to make your life easier so that you can find your n8n session easier. If I understand the EC2 documentation correctly and you have set up an external public IP, you will already have a DNS entry for your session so an A record may not be required as you could use the DNS name that is provided by default.

But, if you did want to use a custom URI and you have that domain pointing to the Route 53 servers, you could simply create a CNAME entry and point it at the provided public DNS name.

For example, let’s say you own the domain example.com and your name servers were pointed to Route 53. Let’s also assume that the EC2 instance you own has a DNS name of ec2-10-11-12-13.compute-1.amazonaws.com. If you wanted n8n.example.com to point to your EC2 instance, you could go into Route 53 and create a CNAME record that pointed n8n.example.com to ec2-10-11-12-13.compute-1.amazonaws.com.

See here for more information about CNAME records in Route 53.

Hey @Tephlon, thanks for the welcome!

It’s a fine sentiment, but I’m sure I can also prove it IS possible for there to be both stupid questions AND bad documentation

That’s great - I understand the DNS workings, I just wasn’t sure if there was some special kind of docker thing that I didn’t know about…

Thanks so much - I’ll get on with the rest of the instructions!

I’m super-excited to try it out. Been bouncing around integromat / Zapier for years and this looks to be a REALLY exciting alternative…

-i

Glad to be of assistance. Let us know if there is anything else that we can help with. There’s always someone willing to help out.

I have no doubt I’ll be back in touch very shortly…

Finding the docker stuff tricky… I suspect there’s a market for people like me who ‘tinker and pick things up’ but aren’t very confident with the detail of some elements for ‘my first install’ type documentation in getting it up and running.

(very happy to help with that, if useful, once it is up and running! )

So… Hope it’s okay to carry on this thread here…

I think I’ve installed using the docker-compose instructions, the ‘n8n-local-files’ directory has been created, but I think I’ve borked the permissions somewhere.

I’ve created the /root/n8n dir, but it’s owned by root. Is that right?

When I start docker with the final stage now, I’m not seeing anything at all at the url. Just a ‘server isn’t responding’ browser error.

It’s okay to just keep the subdomain string variable blank, yes? I just commented it out…

Sorry… another question!

It occurred to me that I need to install an ssl cert, so was following the instructions here (How to integrate free SSL certificate into AWS instance with Let’s Encrypt | by Tarikul Islam | Cybridge Geeks | Medium) - but then realised I don’t know what the web root address is for n8n.

hmmm - I’m unravelling a bit now… !

If you follow the guide you referenced in your first message it does literally everything including setting up the SSL certificate. Nothing else is needed at all.

The guide is for setting it up on a subdomain. If you do not have any experience I advice you to do exactly that. It is obviously also possible on the main domain but then additional changes are needed which is probably not a good idea.

Ah, that sounds like my main error…

Thanks, Jan. I’ll try this shortly!

Yes sorry. It would be possible to create tutorials for many different cases but it would then be a lot of work to keep on supporting all of them. For that reason did we decide to only create this one which should cover most people. In the end it should not make a big difference if it is example.com or n8n.example.com. At least I hope

no, it’s I who should be apologising!

ok - one more question. I nuked and started again.
I’ve installed docker and docker-compose using the instructions here:

I followed the instructions until I got to the ‘create data folder’ stage, which I was only able to create using sudo.
So, I did that, and then chown’ed the folder to the ec2-user user, that installed Docker.

Now, I find that the ‘docker-compose up -d’ command is only available to the ec2-user, I can’t run it under sudo…
I get ‘command not found’…

I’m really sorry about this - I’ve clearly borked permissions somewhere, but I’m not sure how / where to fix them…
This is all using Amazon Linux (Amazon Linux AMI 2018.03 Release Notes)
Sorry - I know this must be testing your patience…

All good.

In our guide we assume that you run it with root. If you use the user “ec2-user” you should use a different data folder. So instead of /root/n8n/ it would probably be /home/ec2-user/n8n/.

So set at step 6:

DATA_FOLDER=/home/ec2-user/n8n/

and then at step 7:

mkdir /home/ec2-user/n8n/

hey Jan,

So - I made those amends, restarted docker-compose, but still didn’t get any output at the url.
I stopped it again to check all the configs in the .env file, restarted but accidentally left the -d flag off, and received these errors…

traefik_1  | time="2020-08-07T19:18:39Z" level=info msg="Configuration loaded from flags."
n8n_1      | n8n ready on 0.0.0.0, port 5678
n8n_1      | Version: 0.76.0
n8n_1      | 
n8n_1      | Editor is now accessible via:
n8n_1      | https://n8n.youwhat.club:5678/
traefik_1  | time="2020-08-07T19:18:58Z" level=error msg="Unable to obtain ACME certificate for domains \"n8n.youwhat.club\": unable to generate a certificate for the domains [n8n.youwhat.club]: error: one or more domains had a problem:\n[n8n.youwhat.club] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: \n" providerName=mytlschallenge.acme routerName=n8n@docker rule="Host(`n8n.youwhat.club`)" 

I have no idea if that’s useful in diagnosing what’s going on or not, though…

Looks like it is unable to generate the SSL certificate for some reason. Are you sure that the subdomain is configured correctly?

I think so…

Screenshot 2020-08-07 at 20.57.382088×286 28 KB

case closed… It was the firewall settings!

I didn’t notice that you need to configure them manually upon setting up the instance…

Up and working - thanks for your patience and help, Jan.

I am looking forward to digging in tomorrow

Ah really happy to hear that you could figure it out!

Wish you now a lot of fun with n8n and happy to help with any further problems out questions!