Hi there,
I use cloudflare tunnel to expose n8n to the Internet.
Recently I had a problem adding a new integration that used OAuth for authorization, my rest callback url always returns a 401 Unauthorized error.
It worked fine before, but I don’t know exactly when it stopped and after which update.
My docker compose:
version: '3.8'
x-shared: &shared
image: n8nio/n8n:1.22.6
restart: unless-stopped
environment:
- N8N_PORT=5678
- N8N_PROTOCOL=https
- NODE_ENV=production
- WEBHOOK_URL=https://${domain}/
- N8N_HOST=${domain}
- N8N_ONBOARDING_FLOW_DISABLED=true
- NODE_FUNCTION_ALLOW_BUILTIN=crypto
- EXECUTIONS_DATA_PRUNE=true
- EXECUTIONS_DATA_MAX_AGE=730
- EXECUTIONS_DATA_PRUNE_MAX_COUNT=0
- EXECUTIONS_DATA_SAVE_ON_ERROR=all
- EXECUTIONS_DATA_SAVE_ON_SUCCESS=all
- EXECUTIONS_DATA_SAVE_ON_PROGRESS=false
- EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=true
- EXECUTIONS_TIMEOUT=1800
- GENERIC_TIMEZONE=Europe/Warsaw
- TZ=Europe/Warsaw
- 'N8N_ENCRYPTION_KEY=${n8n_key}'
- DB_TYPE=postgresdb
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_HOST=postgres
- DB_POSTGRESDB_USER=${db_user}
- DB_POSTGRESDB_PASSWORD=${db_pass}
- DB_POSTGRESDB_SCHEMA=n8n
- EXECUTIONS_MODE=queue
- QUEUE_BULL_REDIS_HOST=redis
- 'QUEUE_BULL_REDIS_PASSWORD=${redis_pass}'
- QUEUE_HEALTH_CHECK_ACTIVE=true
networks:
- default
- n8n_addon
depends_on:
redis:
condition: service_healthy
postgres:
condition: service_healthy
services:
postgres:
container_name: postgres
image: postgres:15
restart: unless-stopped
volumes:
- /home/docker/ct/n8n-DB/PostgresDB:/var/lib/postgresql/data
healthcheck:
test: ['CMD-SHELL', 'pg_isready -h localhost -U ${db_user}']
interval: 5s
timeout: 5s
retries: 10
environment:
POSTGRES_PASSWORD: ${db_pass}
POSTGRES_USER: ${db_user}
TZ: Europe/Warsaw
PGTZ: Europe/Warsaw
redis:
container_name: redis
image: redis:7-alpine
restart: unless-stopped
command: redis-server --requirepass ${redis_pass}
volumes:
- /home/docker/ct/n8n-DB/redis:/data
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
interval: 5s
timeout: 5s
retries: 10
n8n-worker:
<<: *shared
command: worker --concurrency=5
deploy:
mode: replicated
replicas: 8
volumes:
- /home/docker/ct/n8n-DB/n8n/ssh:/home/node/.n8n/ssh
- /home/docker/ct/n8n-DB/n8n/nodes:/home/node/.n8n/nodes
- /home/docker/ct/n8n-DB/storage:/localstorage
- /home/docker/ct/graylog/graylog/data/lookup_tables:/graylog_lookup_tables
depends_on:
- n8n
n8n:
<<: *shared
container_name: n8n-db
ports:
- 192.168.0.106:5678:5678
volumes:
- /home/docker/ct/n8n-DB/n8n:/home/node/.n8n
- /home/docker/ct/n8n-DB/storage:/localstorage
- /home/docker/ct/graylog/graylog/data/lookup_tables:/graylog_lookup_tables
cloudflared:
container_name: cf-tunnel-n8n
image: cloudflare/cloudflared
restart: unless-stopped
labels:
- com.centurylinklabs.watchtower.enable=true
- com.centurylinklabs.watchtower.scope=watchtower
environment:
- NO_AUTOUPDATE=true
command: tunnel run --token ${cf_token}
n8n_addon:
name: n8n_addon
external: true
Cloudflare tunel configuration:
I can execute externally any URL defined in cloudflare tunnel, except rest/oauth2-credential/callback
It always returns Unauthorized