Problem launching n8n wih DNS

Questions
1

I recently installed N8N on a server using Docker with an N8N image that uses Traefik labels. I also configured the domain of my project in the .env file.
However, I’m having an issue with the reverse proxy that blocks the process when I try to run my workflow using the DNS. Yet, using the IP address with full network access, I can run the workflow normally.
I’m using version 0.219.0 of N8N with Postgresql 11 and Mongo 4.4. Has anyone encountered a similar issue in N8N? If so, how did you solve this problem?
diagramme_sans_nom.drawio
image_480

Information on your n8n setup

  • n8n 0.219.0
  • Database you’re using PostgreSQL 11):
  • Running n8n with the execution process [own(default), main]:own
  • Running n8n via [Docker, npm, n8n.cloud, desktop app]:Docker
2

Hi @Micka_Rakotomalala, welcome to the community :wave:

This behaviour could suggest a problem with the reverse proxy (or possibly load balancer and other network components) you have in use. Would that be just Traefik or do any other components sit between n8n and your browser?

3

Hi @MutedJam , thank you very much. :smiley:
Pleased to meet you !

There is my docker-compose :

version: '3.1'

services:

  postgres:
    image: postgres:11
    container_name: postgres
    restart: always
    #expose: 
    #  - 5435
    ports:
      - 5435:5432
    env_file:
      - .env
    volumes:
      - /opt/n8n-prod/data/database/postgresql:/var/lib/postgresql/data
        #healthcheck:
        #test: ["CMD-SHELL", "pg_isready -h localhost -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
        #interval: 5s
        #timeout: 20s
        #retries: 10
    networks:
      - servernet

  redis:
    image: redis:6-alpine
    container_name: redis
    restart: always
    volumes:
      - redis_storage:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 20s
      retries: 10

  mongo:
      image: mongo:4.4
      env_file:
      - .env
      ports:
        - "27018:27017"
      networks:
      - servernet
      volumes:
        - my-mongo-volume:/data

  n8n:
    image: n8nio/n8n:0.218.0
    restart: always
    labels:
      - traefik.enable=true
      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.n8n.tls=true
      - traefik.http.routers.n8n.entrypoints=web,websecure
      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
      - traefik.http.middlewares.n8n.headers.STSPreload=true
      - traefik.http.routers.n8n.middlewares=n8n@docker
    env_file:
      - .env
    ports:
      - 5678:5678
    links:
      - postgres
      - redis
      - mongo
    volumes:
      - /opt/n8n:/home/node/
      - /opt/sftp-n8n/data/uploads:/home/data
    command: /bin/sh -c "n8n start; sleep 5; n8n worker"
    depends_on:
      - postgres
      - redis
      - mongo
    networks:
      - servernet
      
  traefik:
      image: "traefik"
      restart: always
      command:
        - "--api=true"
        - "--api.insecure=true"
        - "--providers.docker=true"
        - "--providers.docker.exposedbydefault=false"
        - "--entrypoints.web.address=:80"
        - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
        - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
        - "--entrypoints.websecure.address=:443"
        - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
        - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
        - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
      ports:
        - "8082:80"
        - "445:443"
      volumes:
        - /opt/n8n/letsencrypt:/letsencrypt
        - /var/run/docker.sock:/var/run/docker.sock:ro

networks:
  servernet:
    driver: bridge

volumes:
        #db_storage:
    n8n_storage:
    redis_storage:
    my-mongo-volume:
        external: false

When I launch the application using the IP, the process ends correctly without any errors. However, when I use the DNS, sometimes it starts and stops at the end of the node by endlessly pushing the session ID, and sometimes it never starts, but the logs show that it’s working in the background even though the UI is blocked.

Are there any other flows to add on the reverse proxy side besides the 5678 input port and the telemetery?

My architecture apps networks

N8N physique (2)
N8N physique (2)2705×897 177 KB

4

I really don’t see what the problem is with DNS, with the network other than the private IP it never starts

5

Hi @Micka_Rakotomalala, suspect the problem isn’t so much with the DNS as with one of the network components between n8n and your browser. n8n uses Server-Sent Events (SSE) to communicate with the UI which one of the components appear to be blocking. A working example config for nginx can be found here, but there might be more in your setup preventing these from working.

Also, seeing you already have nginx in place as shown on your architecture graph you wouldn’t need to use Traefik with n8n (and could remove this bit of additional complexity).

Lastly, we added support for WebSocket as an alternative to SSE recently which you could test if you’re having trouble with SSE. To do so, you’d need to set the N8N_PUSH_BACKEND environment variable to websocket.

6

awesome, I’ll use it and get back to you as soon as possible.

1 Like
7

This is my working configuration for docker + traefik.
Feel free to ask me questions, I have multiple instances running this way without issues

version: '3.1'

volumes:
  db_storage:
  n8n_storage:

services:

  db:
    image: mariadb:10.7
    container_name: n8n-db
    restart: always
    environment:
      - MARIADB_ROOT_PASSWORD
      - MARIADB_DATABASE
      - MARIADB_USER
      - MARIADB_PASSWORD
      - MARIADB_MYSQL_LOCALHOST_USER=true
    volumes:
      - db_storage:/var/lib/mysql
    healthcheck:
      test: "/usr/bin/mysql --user=${MARIADB_USER} --password=${MARIADB_PASSWORD} --execute 'SELECT 1;'"
      interval: 10s
      timeout: 5s
      retries: 10
    networks:
      - internal

  n8n:
    image: n8nio/n8n:latest
    restart: always
    container_name: n8n_server
    environment:
      - DB_TYPE=mariadb
      - DB_MYSQLDB_HOST=db
      - DB_MYSQLDB_DATABASE=${MARIADB_DATABASE}
      - DB_MYSQLDB_USER=${MARIADB_USER}
      - DB_MYSQLDB_PASSWORD=${MARIADB_PASSWORD}
      - N8N_BASIC_AUTH_ACTIVE=FALSE
      - N8N_EMAIL_MODE=smtp
      - N8N_SMTP_HOST=smtp.postmarkapp.com
      - N8N_SMTP_PORT=587
      - N8N_SMTP_SSL=false
      - N8N_SMTP_USER=${N8N_SMTP_USER}
      - N8N_SMTP_PASS=${N8N_SMTP_PASS}
      - N8N_SMTP_SENDER=xxxx
      - WEBHOOK_TUNNEL_URL=https://domain.com
      - VUE_APP_URL_BASE_API=https://domain.com
    volumes:
      - n8n_storage:/home/node/.n8n
    networks:
      - internal
      - web
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.n8n.rule=Host(`domain`)" # replace this with your own domain
      - "traefik.http.routers.n8n.entrypoints=websecure"
      - "traefik.http.services.n8n.loadbalancer.server.port=5678"
    command: n8n start --tunnel
    depends_on:
      db:
        condition: service_healthy

networks:
  web:
    external: true
  internal:
    external: false
8

I removed in the docker-compose the traefik service, add the N8N_PUSH_BACKEND in the environment. And also configured the reverse proxy on the ngnix side with “upgrade”, and it’s fixed. Thanks a lot.

1 Like
9

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.