Docker compose to self host n8n in private Tailscale Wireguard network with Webhooks publically exposed

serg · February 10, 2025, 9:36pm

Greeting to the n8n people!

Since I was contacted few times regardig my setup that I quickly drafted in How to configure n8n to be used over local network - #4 by serg, I decided to share git repository with template that enables following:

run n8n in secure private Wireguard network with no login / UI exposed to the internet
n8n instance is accessible via private Tailscale host for all devices that are connected to the same Tailnet
expose Webhooks to the internet via DNS domain
SSL certificates for public DNS domain and private Tailscale host are managed automatically

You will find the templates in below Github repository. Please try it out and post your questions or feedback in case you face any problems with it.

Cheers,
Serge

konung · March 14, 2025, 9:13pm

This is great. I was just looking for a doc or blog or board message to see if anybody has done it and ran into this. Thank you so much for sharing!

serg · March 15, 2025, 6:11am

Hey @konung,

great to hear that. Please let me know if you experience any issues with the setup of maybe you have ideas on how it can be improved.
I ran it only in vanilla docker-compose, from the cli. I think it needs to be tweaked to be run in Portainer or similar tool.
Enjoy

Best,
Serge

konung · March 15, 2025, 6:23pm

Hi .

I’ve never used Caddy or Traefik before, I’ve always used nginx as my reverse proxy, so take my results with a grain of salt.

I couldn’t get Traefik to route me to registration page, spent several hours google and debugging with a help of AI. I think the issue is my lack of familiarity with Traefik.

However, Caddy took all of 10 mins to setup, and that was me mostly double-checking my settings, setting up VPS - etc. Very easy.

Thank you!!