Cloudflare tunnel bad gateway

Questions
1

Hi, I’ve been having trouble creating a Cloudflare tunnel to send webhooks to my n8n for some time now.

My configurations worked for a while with the docker compose below, but I simply can’t access the n8n from my subdomain anymore (the web server reported a bad gateway error).

Everything is working perfectly on my localhost. I can also create the tunnel in Cloudflare (it tells me that the tunnel is healthy and in theory functional).

I run n8n on Ubuntu 20.04 (WSL) and always keep the version up to date. Any clues as to what I’m missing?

Docker compose

version: "3"

services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.email=[myemail]"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
    ports:
      - "80:80"
      - "443:443"
    environment:
      - CF_API_EMAIL=[myemail]
      - CF_API_KEY=[mykey]
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/home/leandro/docker/n8n/cloudflare-origin.pem:/certs/cloudflare-origin.pem"
      - "/home/leandro/docker/n8n/cloudflare-origin.key:/certs/cloudflare-origin.key"
n8n:
    image: docker.n8n.io/n8nio/n8n:latest
    restart: always
    ports:
      - "127.0.0.1:5678:5678"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)"
      - "traefik.http.routers.n8n.tls=true"
      - "traefik.http.routers.n8n.entrypoints=web,websecure"
      - "traefik.http.routers.n8n.tls.certresolver=myresolver"
      - "traefik.http.middlewares.n8n.headers.SSLRedirect=true"
      - "traefik.http.middlewares.n8n.headers.STSSeconds=315360000"
      - "traefik.http.middlewares.n8n.headers.browserXSSFilter=true"
      - "traefik.http.middlewares.n8n.headers.contentTypeNosniff=true"
      - "traefik.http.middlewares.n8n.headers.forceSTSHeader=true"
      - "traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}"
      - "traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true"
      - "traefik.http.middlewares.n8n.headers.STSPreload=true"
      - "traefik.http.routers.n8n.middlewares=n8n@docker"
    environment:
      - "N8N_BASIC_AUTH_ACTIVE=true"
      - "N8N_BASIC_AUTH_USER="
      - "N8N_BASIC_AUTH_PASSWORD="
- "N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}"
      - "N8N_PORT=5678"
      - "N8N_PROTOCOL=https"
      - "NODE_ENV=production"
      - "WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/"
      - "GENERIC_TIMEZONE=${GENERIC_TIMEZONE}"
    volumes:
      - "${DATA_FOLDER}/.n8n:/home/node/.n8n"
      - "/local-files:/files"
2

It looks like your topic is missing some important information. Could you provide the following if applicable.

  • n8n version:
  • Database (default: SQLite):
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • Running n8n via (Docker, npm, n8n cloud, desktop app):
  • Operating system:
3

Hey @lfilippi,

We don’t officially support Cloudflare tunnels so we would need to rely on your knowledge for this one…

When you see the error is your n8n instance running and is the n8n log showing any errors? My understanding is a cloudflare tunnel means you don’t need to open any inbound ports so is the traefik image really needed, It could be that the problem is with that container.

4

Thanks @Jon.

I solved the problem.

2 Likes
5

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.