cloudflare takes care of ssl for you. you dont have to worry about ssl with cloudflare
Here is a good video
You’ll want to put the local ip of the server with the port in the tunnel settings like:
“192.168.1.10:5678”
1 Like
@mynewopportunities I also made an automation that can set up the cloudflare tunnel for you as well as all of the env vars.
You can find it here. But you need to have the right cloudflare api permissions enabled and the domain controlled in cloudflare or it wont work
1 Like
The cloudflare tunnel is already setup with my IP input.
if you already set up the tunnel, Just go back through the tunnel settings and they give you a doctor command to run that will automatically point to the tunnel.
Just select docker in the setup
Hi Liam,
I am not using Docker anywhere on my cloud host. Its N8N running directly on the host. I have Nginx also installed and running. Just wanted to know more on the SSL certificate and the Tunnel services which CloudFlare provides. I have a “Not secure” sort of warning using CloudFlare’s Free SSL certificate, Will that help if I dont buy any valid certificate from somewhere else, as we will be using CF’s tunnel services?
C:\Windows\System32>cloudflared.exe service install eyJhIjoiMDJkZDUyY2E1ZTE3MTJkZDVmYTQzNWM2MDYxYTYwMDgiLCJ0IjoiNjE4YzM4ODMtZTExZi00ZGU3LTgyYTQtNGNiYzdlNjI2NjQyIiwicyI6Ik5qVXlNR0ZqWkRrdFkyTTROaTAwTURrNUxUaG1aVGd0WVRneU9XWTFNVEZqTVdRMSJ9
2024-10-12T02:53:37Z INF Installing cloudflared Windows service
2024-10-12T02:53:37Z INF cloudflared agent service is installed windowsServiceName=Cloudflared
2024-10-12T02:53:37Z INF Agent service for cloudflared installed successfully windowsServiceName=Cloudflared
The tunnel is sucessfully installed and its up and running.
Also I tried to setup the tunnel as shown in your links which you sent yesterday, I am now having some A AAAA sort of record errors. Can you please help me sort it out?
Thanks!
Hey Liam, Hi.
Here’s what I have accomplished.
- The CNAME record for the tunnel is done.
- The Tunnel is created using CF tunnels
- The JSON file is created for authentication. and finally
- The config file is also ready.
All what I dont know is the TunnelSecret, how an I find it and from where?
The tunnel secret is in the tunnel setup page
All of this is very well documented by cloudflare. A search in their docs should be getting you an answer to all of these questions
Okay. I’ll have a look.
Liam, how do I contact the administrator to unlock my access on Discord channel.
@Jon I guess the discord channel is locked by the admin for asking any further queries.
Here is the content of the env file which you had asked.
root@my-rdp:~# cd /home
root@my-rdp:/home# ls
N8N mynewopportunities opc ubuntu
root@my-rdp:/home# cd N8N
root@my-rdp:/home/N8N# ls
docker-compose.yml n8n.env
root@my-rdp:/home/N8N# cat n8n.env
The top level domain to serve from
DOMAIN_NAME=clouddevops.online
The subdomain to serve from
SUBDOMAIN=n8n
DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from
above example would result in: https://n8n.example.com
Optional timezone to set which gets used by Cron-Node by default
If not set New York time will be used
GENERIC_TIMEZONE=America/New_York
The email address to use for the SSL certificate creation
@mynewopportunities you need to set WEBHOOK_URL and you will be good to go
Hi @Jon , I made a change to the env file. But I am afraid the N8N Gmail node’s URL is still the same.
I am attaching the screenshots for your review.
Thanks!
A few notes (actually 2 ways of saying the same thing) from the discord discussion that might help here:
- The env var
N8N_EDITOR_BASE_URL“takes precedence” over WEBHOOK_URLN8N_EDITOR_BASE_URLis intended for use with n8n running in queue mode (per Jon), but this isn’t explained in the docs.- See: Deployment environment variables | n8n Docs
- (speculation) There could be other ENV settings that also override WEBHOOK_URL for the purposes of generating the oauth redirect URL.
- WEBHOOK_URL is used when
N8N_EDITOR_BASE_URLis NOT set, for the webhook production url, the webhook test url, AND the oauth redirect url.
Hi @hubschrauber , may I get the content which needs to be input in the N8N_EDITOR_BASE_URL please, I saw the docs, the file configuration and the storage location - where this file needs to be accessed, saved and modified is yet unknown to me. Can you please point me to the right doc file please? Thanks!
It is an environment variable, with a value that would be the first part of the redirect URL. It goes where all the other environment variables go, which depends on how you are deploying. For instance, if you’re running with docker, the docker compose would have a section like this:
environment:
- N8N_EDITOR_BASE_URL=https://n8n.example.com
- WEBHOOK_URL=http://n8n.internal-host-name:5678
- N8N_HOST=n8n
- N8N_PORT=5678
- N8N_PROTOCOL=http
...
If it has the value shown above, you would see a generated redirect URL in the Google oauth dialog like:
https://n8n.example.com/rest/oauth2-credential/callback
- On the machine/browser where you are using the n8n editor (i.e. where the oauth sequence will execute in a popup window), the host name (e.g. n8n.example.com) would need to resolve to your n8n instance’s IP. This can be done in a hosts file, or local DNS entry on your router.
- You’ll also need to tell Google what to expect as a redirect url, here: https://console.cloud.google.com/apis/dashboard in the Credentials → Oauth 2.0 Client IDs section for the project/app. It must match what n8n generates as the redirect url.
- Note that Google might not allow you to use a dummy domain like example.com. Google may now require a legitimate, publicly registered domain name (or that might be a requirement for production apps).
- The URL will probably require
httpsas the protocol, but that might depend on which scopes are authorized on the app/client.
Here is the .env file content. I’d appreciate if you could please review it and let me know if there are any errors as such.
I have verified my domain in the Google Cloud and search console too. Still it is not picking it up. Maybe the env file is having some incorrect configuration. Can you please review and assist.
The topic starts to be very complicated.
What is the current configuration? Is n8n behind the proxy/tunnel?
basically for OAuth to work you’ll need to set only WEBHOOK_URL, that in your case should looks as WEBHOOK_URL=https://n8n.clouddevops.online. No ports, no http.
Then you have another task to configure your infrastructure in the way where the domain n8n.clouddevops.online via 443 port will be forwarded to the n8n (plus the SSL certificate should be valid)
Remove N8N_EDITOR_BASE_URL and share your docker compose file this will show us how you are using the env optons, You need to do more than set them in the file.
If you were to follow one of our install guides it would take about 5 / 10 minutes to go through and it will make life a lot easier.