N8n and traefik problems - 502 response

My config looks like this:
Env:

N8N_BASIC_AUTH_ACTIVE=true
N8N_BASIC_AUTH_USER=username
N8N_BASIC_AUTH_PASSWORD=pasword
GENERIC_TIMEZONE=Europe/Warsaw
TZ=Europe/Warsaw
N8N_PORT=5678
WEBHOOK_TUNNEL_URL=https://n8n.domain.com/
VUE_APP_URL_BASE_API=https://n8n.domain.com/
N8N_PROTOCOL=https
N8N_HOST=n8n.domain.com

Traefik labels:

traefik.frontend.rule=Host:n8n.domain.com
traefik.port=5678

All other containers works fine, except n8n. Do I need add something more? I’m getting 502 http response very often.

Hi @Kacper - I’m sorry but I can’t help with you but I just wanted to add to this thread. I’m unable to make Traefik work with n8n to connect to the server.

No matter what I try with Traefik in front I am presented with:

Server connection could not be established.
The server is down or there is a connection problem.
It will reconnect automatically as soon as the backend can be reached

My settings are as follows:

version: '3.7'
services:
  
  dev-n8n-app:
    image:  n8nio/n8n
    container_name: n8n-app
    ports:
    - 5678:5678
    labels:
    - traefik.enable=true
    - traefik.frontend.rule=Host:.n8n.hostname.org
    - traefik.port=5678
    - traefik.protocol=http
    - traefik.docker.network=proxy
    - traefik.backend=n8n-app
    volumes:
    - ./data:/root/.n8n
    environment:
    - N8N_BASIC_AUTH_ACTIVE=true
    - N8N_BASIC_AUTH_USER=***
    - N8N_BASIC_AUTH_PASSWORD=***

    - GENERIC_TIMEZONE=America/Vancouver
    - TZ=America/Vancouver

    - WEBHOOK_TUNNEL_URL=https://n8n.hostname.org/
    - VUE_APP_URL_BASE_API=https://n8n.hostname.org/

    - N8N_PROTOCOL=https
    - N8N_HOST=n8n.hostname.org
    - N8N_PORT=5678
    networks:
    - proxy
    - services
    restart: always

networks:
  proxy:
    external: true
  services:
    external: true

If I portmap 5678 directly I have no issues, but for obvious reasons I want to put it behind a Reverse Proxy/SSL Terminator.

Sorry, @kacper can not see what is wrong. But did you follow that instruction here exactly?

Because then it should work without a problem. And there is, for example, no need to change anything at all in the docker-compose file. You should only need to make changes in the .env file.

@tiredofit Similar for you. Please simply follow the instructions in the docs. It should then work perfectly. What you both are experiencing are actually not issues directly related to n8n, they are traefik setup related issues and I am in no way an expert there. For that reason can I sadly not be much of a help there.
It looks like also you are making a lot of changes to the docker-compose file instead of only editing the .env file like written in the docs. So hard to say what and how many things are wrong. But what I can see on the first sight is that you have a dot in front of the host-name in the label (traefik.frontend.rule) and your container is called “dev-n8n-app” but you are referencing in “traefik.backend” “n8n-app” instead. No idea if it works if you make that changes. It is simply best to follow the published guide.

I’ll have a peek once more time with the docs but our traefik configuration is pretty standard - and the mismatched names shouldn’t have issues.

After I posted this I took a peek at your nginx configuration and noted some tweaks with regards to websockets, which is where I believe the issue is residing. I’ve just been swamped on some unrelated business things today and will dive deep early tomorrow morning on trying to match option for option what you have listed in nginx and build a working example that all can benefit from. Good catch on the ‘.’ in my host rule - That was just my mangling to make my actual hostname not visible.

Will keep you posted when I find the solution.

You are right. The name should not cause any problems. I did not realize that it is literally just setting the name. That sadly shows again how badly I am equipped to help in that regard. It took me a very long time to get the setup, which is now in the docs, up an running (especially without using external configuration files). And because of that, and my lack of knowledge am I pushing so hard to use the posted setup. Sorry that I can not be of any help in that regard. If you can not find the problem yourself I suggest asking in the traefik community for help. For them, it is probably very easy to spot the issue.

Ah yes, any improvements are more than welcome. Best of luck

@jan @tiredofit thanks for help, I’ve recreated container with this params and everything works well:

Env:
VUE_APP_URL_BASE_API	"https://n8n.domain.com/"
N8N_PROTOCOL	https
N8N_PORT	443
N8N_HOST	n8n.domain.com
GENERIC_TIMEZONE	"Europe/Warsaw"
N8N_BASIC_AUTH_ACTIVE	true
N8N_BASIC_AUTH_USER	username
N8N_BASIC_AUTH_PASSWORD	password

Labels:	
traefik.frontend.rule	Host:n8n.domain.com
traefik.port	443  

@Kacper Ah that is really great to hear! Then wish you fun with n8n and come back to the forum if you have any other problems or questions.

@jan Thank you. I’m trying to format Telegram messages and faced lacking thing, can you please look at this topic:

Meybe you’ll know sollution

Alright - I have it working behind Traefik now - The problem is a known problem with Traefik when you have https compression enabled. Simply changing compression to false for my https entrypoint made it work. It’s not optimal as I’d like to have all traffic compressed, but I’ll deal with it for now as it says they will resolve it in version 2.1 - I’m still on 1.7 and 2.x is a nightmare for me to figure out at this time, so it may be a while till I return with working Traefik 2.x config.

Reference: Traefik stuck when used as frontend for a streaming API · Issue #560 · traefik/traefik · GitHub
Reference: Problem with text/event-stream when compress=true · Issue #2576 · traefik/traefik · GitHub

[entryPoints.https]
address = “:443”
compress = false

@tiredofit Ah now I remember that I also did run into that issue when I did enable compression. That is why it is not set in the example configuration in the docs. And if it does not get set to “true” it should be “false” by default.
It is also not needed to activate compression as n8n does compress the data already by itself. The only data that is not compressed is the EventSource data and that one is the one that makes problems with traefic. And the bug-fix they did, if I remember correctly, was to also simply deactivate compression for that data. So activating compression in traefik will literally not change anything except breaking things.