Here is my doker-compose.yaml file, which create two n8n instances and traefik for reverse proxy.
version: '3.7'
services:
traefik:
image: 'traefik'
restart: always
command:
- '--api=true'
- '--api.insecure=true'
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--entrypoints.web.address=:80'
- '--entrypoints.web.http.redirections.entryPoint.to=websecure'
- '--entrypoints.web.http.redirections.entrypoint.scheme=https'
- '--entrypoints.websecure.address=:443'
- '--certificatesresolvers.mytlschallenge.acme.tlschallenge=true'
- '--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}'
- '--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json'
ports:
- '80:80'
- '443:443'
- '8080:8080'
volumes:
- traefik_data:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- traefik
n8n1:
container_name: n8n1
image: docker.n8n.io/n8nio/n8n
restart: always
ports:
- '127.0.0.1:5678:5678'
labels:
- traefik.enable=true
- traefik.http.routers.n8n1.rule=Host(`n8n1.${DOMAIN_NAME}`)
- traefik.http.routers.n8n1.tls=true
- traefik.http.routers.n8n1.entrypoints=web,websecure
- traefik.http.routers.n8n1.tls.certresolver=mytlschallenge
- traefik.http.middlewares.n8n1.headers.SSLRedirect=true
- traefik.http.middlewares.n8n1.headers.STSSeconds=315360000
- traefik.http.middlewares.n8n1.headers.browserXSSFilter=true
- traefik.http.middlewares.n8n1.headers.contentTypeNosniff=true
- traefik.http.middlewares.n8n1.headers.forceSTSHeader=true
- traefik.http.middlewares.n8n1.headers.SSLHost=n8n1
- traefik.http.middlewares.n8n1.headers.STSIncludeSubdomains=true
- traefik.http.middlewares.n8n1.headers.STSPreload=true
- traefik.http.routers.n8n1.middlewares=n8n1@docker
environment:
- N8N_HOST=n8n1.${DOMAIN_NAME}
- N8N_PORT=5678
- N8N_PROTOCOL=https
- N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
- N8N_VERSION_NOTIFICATIONS_ENABLED=true
- NODE_ENV=production
- N8N_METRICS=true
- QUEUE_HEALTH_CHECK_ACTIVE=true
- WEBHOOK_URL=n8n1.${DOMAIN_NAME}/
- GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
volumes:
- n8n1_data:/home/node/.n8n
networks:
- traefik
n8n2:
container_name: n8n2
image: docker.n8n.io/n8nio/n8n
restart: always
ports:
- '127.0.0.1:8081:5678'
labels:
- traefik.enable=true
- traefik.http.routers.n8n2.rule=Host(`n8n2.${DOMAIN_NAME}`)
- traefik.http.routers.n8n2.tls=true
- traefik.http.routers.n8n2.entrypoints=web,websecure
- traefik.http.routers.n8n2.tls.certresolver=mytlschallenge
- traefik.http.middlewares.n8n2.headers.SSLRedirect=true
- traefik.http.middlewares.n8n2.headers.STSSeconds=315360000
- traefik.http.middlewares.n8n2.headers.browserXSSFilter=true
- traefik.http.middlewares.n8n2.headers.contentTypeNosniff=true
- traefik.http.middlewares.n8n2.headers.forceSTSHeader=true
- traefik.http.middlewares.n8n2.headers.SSLHost=n8n2
- traefik.http.middlewares.n8n2.headers.STSIncludeSubdomains=true
- traefik.http.middlewares.n8n2.headers.STSPreload=true
- traefik.http.routers.n8n2.middlewares=n8n2@docker
environment:
- N8N_HOST=n8n2.${DOMAIN_NAME}
- N8N_PORT=8081
- N8N_PROTOCOL=https
- N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
- N8N_VERSION_NOTIFICATIONS_ENABLED=true
- NODE_ENV=production
- N8N_METRICS=true
- QUEUE_HEALTH_CHECK_ACTIVE=true
- WEBHOOK_URL=n8n2.${DOMAIN_NAME}/
- GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
volumes:
- n8n2_data:/home/node/.n8n
networks:
- traefik
volumes:
n8n1_data:
external: true
n8n2_data:
external: true
traefik_data:
external: true
networks:
traefik:
external: true
If someone has ideas for improvement, don’t hesitate, you are welcome!