No reply from docker hosted n8n on my own server

twelsh37 · June 3, 2024, 12:16am

Hey all. I have my first install of n8n hosted in docker on my hosted server. I can request from my url with the port number r, but all I get is the port being reset (I see that in tcpdump).

23:15:00.490229 IP <My Broadband>.61535 > <My Internet Server>.5678: Flags [S], seq 1558230098, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
23:15:00.490375 IP <My Internet Server>.5678 > <My Broadband>.61535: Flags [S.], seq 3618209691, ack 1558230099, win 64240, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
23:15:00.520392 IP <My Broadband>.61535 > <My Internet Server>.5678: Flags [.], ack 1, win 48478, length 0
23:15:00.520394 IP <My Broadband>.61535 > <My Internet Server>.5678: Flags [P.], seq 1:1726, ack 1, win 48478, length 1725
23:15:00.520565 IP <My Internet Server>.5678 > <My Broadband>.61535: Flags [.], ack 1726, win 495, length 0
23:15:00.523432 IP <My Internet Server>.5678 > <My Broadband>.61535: Flags [P.], seq 1:48, ack 1726, win 501, length 47
23:15:00.523545 IP <My Internet Server>.5678 > <My Broadband>.61535: Flags [F.], seq 48, ack 1726, win 501, l
23:15:00.549987 IP <My Internet Server>.5678 > <My Broadband>t.61535: Flags [R], seq 3618209739, win 0, length 0

Am I missing something? I was expecting a new user setup screen like you normally get on a locally hosted setup. My docker command is

I run n8n from docker with the following command.

docker run -it --rm --name n8n -p 5678:5678 -e GENERIC_TIMEZONE="Europe/London" -e TZ="Europe/London" -v n8n_data:/home/node/.n8n docker.n8n.io/n8nio/n8n

Which responds with the following output.

User settings loaded from/home/node/.n8n/config
Initializing n8n process
n8n ready on 0.0.0.0, port 5678
Version: 1.42.1

Editor is now accessible via:
http://localhost:5678/

Press "o" to open in Browser.

I haven’t found anything specific on my system having checked syslog.
I have added the UFW rule:

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
5678/tcp                   ALLOW       Anywhere

Any ideas what I am missing?

I followed the instructions in the docs

Information on your n8n setup

1.42.1
default: SQLite:
n8n EXECUTIONS_PROCESS setting (default: own, main):
Running n8n via Docker:
Ubuntu 22.04: Patched and updated

n8n · June 3, 2024, 12:16am

It looks like your topic is missing some important information. Could you provide the following if applicable.

n8n version:
Database (default: SQLite):
n8n EXECUTIONS_PROCESS setting (default: own, main):
Running n8n via (Docker, npm, n8n cloud, desktop app):
Operating system:

twelsh37 · June 3, 2024, 12:23am

Obviously you get great inspiration after pushing out your request. You know like ignoring the obvious.

Hitting the URL with HTTP I get the following response

I guess I’m looking at some configuration issues now.

More pointers would be good

netroy · June 3, 2024, 7:20am

Since you are accessing a remote instance of n8n, you need to either

setup n8n behind a reverse-proxy (like nginx, caddy, or traefik) that takes care of https, or
acknowledge that you are okay with the n8n instance usable over an insecure connection, by setting the env variable N8N_SECURE_COOKIE to false.

The screenshot you shared above seems to convey this exact same message, but if you feel like that warning page could be clearer, please share your suggestions, and we’ll get that page updated

twelsh37 · June 3, 2024, 11:46am

Thanks. I’m new to Traefik. does the docker compose file download the image and get it all working or is that another image I need?

I feel I have a pretty vanilla install utilising the standard ports for n8n, I am hoisting about 100 other virtual web sites on this server on port 443 with TLS from letsencrypt This means I cant free up 443 or 80 for this configuration, Can I set it up to 8080 and 8443 respectively. But again reading around it seems like I might hit issues with certbot/letsencrypt.

I cant be the first to bring this up

Jon · June 3, 2024, 12:44pm

Hey @twelsh37,

You can configure n8n to use a certificate as well but most users find it easier to run a reverse proxy which allows them to run multiple services on the same server using the one port for inbound connections instead of having multiple ports opened.

In your case as have virtual sites I would assume you are using nginx or apache2, both of these can be configured as a reverse proxy and they would handle the SSL for you so you don’t need to worry about it.

netroy · June 3, 2024, 2:22pm

Sounds like you are already using a reverse-proxy, since you can’t have every individual site listening on the same port.
Do you know which reverse-proxy you are using on that server? is it nginx?

twelsh37 · June 3, 2024, 4:57pm

No. I am using Apache named virtual hosts so it works fine and shares the 443 and 80 ports by name and port making a unique socket.

I have used nginx previously in other setups for reverse proxying, but I am not big on it.

twelsh37 · June 3, 2024, 4:59pm

Ahhhm mayhaps I should look at that then and roll a reverse Apache proxy.Gives me something to research as I have never done reverse proxying with Apache yet.

twelsh37 · June 4, 2024, 8:00am

Caveat, I am running n8n in docker but i also have 100+ virtual web hosts in my apache config on the same server.

This worked for me to get n8n running on the same box.

I had to add in the Proxy modules for Apache

Using Ubuntu Linux 22.04 this is

a2enmod proxy
a2enmod proxy_http
a2enmod ssl

Reload the apache configuration’

systemctl reload apache2

I then set up 2 new virtual host in apache.

<VirtualHost *:443>
    ServerName anything.example.com

    ServerAdmin webmaster@localhost
    ServerAlias anything.example.com

    ErrorLog ${APACHE_LOG_DIR}/reverse-proxy-anything.example.com.error.log
    CustomLog ${APACHE_LOG_DIR}/reverse-proxy-anything.example.com.access.log combined

    ProxyPreserveHost On
    ProxyPass / http://localhost:5678/
    ProxyPassReverse / http://localhost:5678/
</VirtualHost>

And the HTTP

<VirtualHost *:80>
    ServerName anything.example.com

    ErrorLog ${APACHE_LOG_DIR}/reverse-proxy-http.anything.example.com.error.log
    CustomLog ${APACHE_LOG_DIR}/reverse-proxy-http.anything.example.comccess.log combined

    ProxyPreserveHost On
    ProxyPass / http://localhost5678:/
    ProxyPassReverse / http://localhost:5678/
RewriteEngine on
RewriteCond %{SERVER_NAME} =anything.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

I then ran ‘certbot --apache’ and enabled letsencrypt for TLS

certbot --apache

restarted apache2

Stopped the docker instance - I only have n8n running in docker currently

docker compose down

In the n8n docker image i removed any reference to Traefik then started docker again.

docker compose up -d

I can now hit my n8n URL and get to the system easily.
Thanks to @netroy and @Jon for pointing me in the correct direction.

system · June 11, 2024, 8:00am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.