Can't get editor UI working on my server

mark_de_jonge · March 27, 2022, 9:41am

Describe the issue/error/question

I can’t get my editor UI to show up in my browser. I have a digital ocean docker droplet running with n8n deployed. But when I visit the :5678 nothing gets served and it times out.

This is my docker-compose.yml file:

version: "3"

services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro

  n8n:
    image: n8nio/n8n
    restart: always
    ports:
      - "127.0.0.1:5678:5678"
    labels:
      - traefik.enable=true
      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.n8n.tls=true
      - traefik.http.routers.n8n.entrypoints=web,websecure
      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
      - traefik.http.middlewares.n8n.headers.STSPreload=true
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER
      - N8N_BASIC_AUTH_PASSWORD
      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
      - N8N_PORT=5678
      - N8N_PROTOCOL=https
      - NODE_ENV=production
      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
    volumes:
      - ${DATA_FOLDER}/.n8n:/home/node/.n8n

This is my .env file:

# Folder where data should be saved
DATA_FOLDER=/root/n8n/

# The top level domain to serve from
#DOMAIN_NAME=

# The subdomain to serve from
#SUBDOMAIN=

# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from
# above example would result in: https://n8n.example.com

# The user name to use for authentication - IMPORTANT ALWAYS CHANGE!
N8N_BASIC_AUTH_USER=user

# The password to use for authentication - IMPORTANT ALWAYS CHANGE!
N8N_BASIC_AUTH_PASSWORD=password

# Optional timezone to set which gets used by Cron-Node by default
# If not set New York time will be used
GENERIC_TIMEZONE=Europe/Berlin

# The email address to use for the SSL certificate creation
[email protected]

It is missing the domain and subdomain. I tried multiple things as I don’t have a domain name connected yet. I tried only the ip-address and also like this with it commented out.

I can see the the server is listening to the right ports:

COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r   610 systemd-resolve   12u  IPv4  21740      0t0  UDP 127.0.0.53:53 
systemd-r   610 systemd-resolve   13u  IPv4  21741      0t0  TCP 127.0.0.53:53 (LISTEN)
sshd        759            root    3u  IPv4  24803      0t0  TCP *:22 (LISTEN)
sshd        759            root    4u  IPv6  24814      0t0  TCP *:22 (LISTEN)
node       1520            root   18u  IPv4  30296      0t0  TCP 127.0.0.1:35133 (LISTEN)
node       1520            root   19u  IPv4 145973      0t0  TCP 127.0.0.1:35133->127.0.0.1:38708 (ESTABLISHED)
sshd       8555            root    4u  IPv4 145489      0t0  TCP <public IP of server>:22->94.212.48.149:50765 (ESTABLISHED)
sshd       8555            root    9u  IPv4 145978      0t0  TCP 127.0.0.1:38710->127.0.0.1:35133 (ESTABLISHED)
sshd       8555            root   12u  IPv4 145972      0t0  TCP 127.0.0.1:38708->127.0.0.1:35133 (ESTABLISHED)
node       8692            root   19u  IPv4 145979      0t0  TCP 127.0.0.1:35133->127.0.0.1:38710 (ESTABLISHED)
docker-pr 12326            root    4u  IPv4 207374      0t0  TCP *:443 (LISTEN)
docker-pr 12331            root    4u  IPv6 207382      0t0  TCP *:443 (LISTEN)
docker-pr 12343            root    4u  IPv4 207432      0t0  TCP *:80 (LISTEN)
docker-pr 12348            root    4u  IPv6 207438      0t0  TCP *:80 (LISTEN)
docker-pr 12407            root    4u  IPv4 207756      0t0  TCP 127.0.0.1:5678 (LISTEN)

This is the log file of the traefik docker container:

time="2022-03-27T09:40:29Z" level=error msg="accept tcp [::]:8080: use of closed network connection" entryPointName=traefik
time="2022-03-27T09:40:29Z" level=error msg="Error while starting server: accept tcp [::]:8080: use of closed network connection" entryPointName=traefik
time="2022-03-27T09:40:29Z" level=error msg="accept tcp [::]:80: use of closed network connection" entryPointName=web
time="2022-03-27T09:40:29Z" level=error msg="Error while starting server: accept tcp [::]:80: use of closed network connection" entryPointName=web
time="2022-03-27T09:40:29Z" level=error msg="accept tcp [::]:443: use of closed network connection" entryPointName=websecure
time="2022-03-27T09:40:29Z" level=error msg="Error while starting server: accept tcp [::]:443: use of closed network connection" entryPointName=websecure
time="2022-03-27T09:40:43Z" level=info msg="Configuration loaded from flags."
time="2022-03-27T09:40:55Z" level=error msg="Unable to obtain ACME certificate for domains \".\": cannot get ACME client acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-acct :: urn:ietf:params:acme:error:invalidEmail :: Error creating new account :: invalid contact domain. Contact emails @example.com are forbidden" providerName=mytlschallenge.acme rule="Host(`.`)" routerName=n8n@docker ACME CA="https://acme-v02.api.letsencrypt.org/directory"

What am I doing wrong? Can I even run the instance without a domain and subdomain?

I hope someone can help me out!

Cheers!

Jon · March 27, 2022, 10:09am

Hey @mark_de_jonge,

Welcome to the community

Looking at the compose file you have n8n locally on 127.0.0.1 so you won’t be able to use the 5678 port, you would need to use 80 or 443 (with https) to go through the Traefik proxy.

If you remove 127.0.0.1 from the n8n ports option it would work but you would need to restart / rebuild the container for the change to kick in and remember to put it back when you do use a domain so that the proxy can’t be bypassed.

mark_de_jonge · March 27, 2022, 10:30am

Hi Jon,

Thanks for the welcome and reply!

Just to be sure I should change it into?:

 ports:
      -"5678:5678"

edit: This change didn’t work yet.

What should I put under domain name and subdomain if I’m running it on my digital ocean server:

# The top level domain to serve from
DOMAIN_NAME=

# The subdomain to serve from
SUBDOMAIN=

Edit: So I got it working now, but only when I use the domain name I use. Is it possible to run in just based on the ip address without a domain and sub domain? And it only works on http not on https. Any idea how I can fix that?

Thanks so much

Cheers

Jon · March 27, 2022, 11:30am

That port looks right, you would need to change the protocol to http and set the host and webhook url to the IP.

mark_de_jonge · March 28, 2022, 3:47pm

Hi Jon,

Works like a charm, thanks!

Cheers!

onurbolaca · February 26, 2023, 3:05pm

Hey @mark_de_jonge ,

I’m also looking for a solution to work n8n only with ip address without any domain.

Can you share your final .env and docker-compose.yml file look?

onurbolaca · February 26, 2023, 3:32pm

Alright,

This is the answer to run self-hosted n8n app without a domain address.
#Run self hosted n8n only with the server IP address and a port.

It worked like this:

put your ip address of your server to the place of IPADDRESS

docker-compose.yml

version: "3"

services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro

  n8n:
    image: n8nio/n8n
    restart: always
    ports:
      - "5678:5678"
    labels:
      - traefik.enable=true
      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.n8n.tls=true
      - traefik.http.routers.n8n.entrypoints=web,websecure
      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
      - traefik.http.middlewares.n8n.headers.STSPreload=true
      - traefik.http.routers.n8n.middlewares=n8n@docker
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER
      - N8N_BASIC_AUTH_PASSWORD
      - N8N_HOST=IPADDRESS
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - NODE_ENV=production
      - WEBHOOK_URL=https://IPADDRESS/
      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
    volumes:
      - ${DATA_FOLDER}/.n8n:/home/node/.n8n
      - /home/onur/n8n-local-files:/files

.env file

DATA_FOLDER=/home/onur/n8n/
DOMAIN_NAME=
SUBDOMAIN=
N8N_BASIC_AUTH_USER=onur
N8N_BASIC_AUTH_PASSWORD=password
GENERIC_TIMEZONE=Europe/Berlin
[email protected]

onurbolaca · February 26, 2023, 3:49pm

But I wonder @Jon ,

Isn’t possible to run with https protocol when only using the ip address as host like above?

Because it didnt work with https when I use the protocol https. I need to connect with http://

Jon · February 27, 2023, 6:05am

Hey @onurbolaca,

You should be able to use it with https if you have a certificate created and set to use.

onurbolaca · February 27, 2023, 8:18am

Thanks @Jon ,

Is there any documentation to create certificate? Or it is a general thing that I should find online?

Jon · February 27, 2023, 9:55am

Hey @onurbolaca,

It is a fairly general thing so you can use whatever tools you would normally use although using a self signed certificate isn’t ideal and is good for testing but if you are going for a production setup I wouldn’t recommend it.

MutedJam · May 28, 2023, 9:55am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.