Setting up n8n on DigitalOcean

Hey guys!

I’ve ran through all the steps on [https://docs.n8n.io/reference/server-setup.html](server setup) but I’m unable to access n8n at the url set in .env.

When running sudo docker-compose up I get this error message from traefik

time="2020-08-09T21:11:23Z" level=error msg="Unable to obtain ACME certificate for domains \"connect.bobal.io\": unable to generate a certificate for the domains [connect.bobal.io]: error: one or more domains had a problem:
[connect.bobal.io] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Cannot negotiate ALPN protocol \"acme-tls/1\" for tls-alpn-01 challenge, url: 
" [email protected] rule="Host(`connect.bobal.io`)" providerName=mytlschallenge.acme

Is anyone able to point in the right direction to sort this one out?

Cheers

Welcome to the community @jonnygwi!

It looks like it can not create the SSL-Certificate for some reason. What exactly is wrong I sadly do not know. Is not directly related to n8n has rather to do with Lets Encrypt. So probably best if you Google for the message “Unable to obtain ACME certificate” it will then display you some possible solutions you can try.

Hey @jan! Thanks for getting back to me. I’ll have a look around and report back.

Deactivating my cloudflare proxy fixed the issue

Thanks a lot for sharing the solution to the problem! Happy to hear that it works now.

Have fun!

@jonnygwi … curious about your setup on DigitalOcean. Did you just spin up an Ubuntu droplet, load Docker/Compose on it, and then run n8n in the container? What size droplet are you running?

Hey @go4cas

Exactly… I just followed the steps in the server setup docs https://docs.n8n.io/reference/server-setup.html.

We’re using the cheapest droplet right now and we’ll see how it goes.

Hey, @jonnygwi Any Update on this buddy? Btw, Are you using a $5 droplet?

Hey @mcnaveen. Setting up n8n on DigitalOcean this post was the fix… Sorry I should have marked it as the solution. We are using the cheapest droplet however much that is.

1 Like

Ah. Got it.

I want to run it in nginx virtual host. Wish there was some guide.

Probably you can apply something like this nginx configuration (non https port):

server {
  listen      [::]:80;
  listen      80;
  access_log  /var/log/nginx/n8n-access.log;
  error_log   /var/log/nginx/n8n-error.log;

	server_name mydomain.com;
	
	# Add index.php to the list if you are using PHP
	location / {
		proxy_pass http://DOCKER_CONTAINER_IP:5678;
                proxy_redirect default;
		proxy_http_version 1.1;
       	 	proxy_set_header Upgrade $http_upgrade;
        	proxy_set_header Connection 'upgrade';
        	proxy_set_header Host $host;
        	proxy_cache_bypass $http_upgrade;
		proxy_set_header        X-Real-IP       $remote_addr;
		proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
	}
}

Be careful with DOCKER_CONTAINER_IP. If you stop and start n8n container, you will probably have to update nginx config with the new container IP (unless you fix it when creating n8n container).

Finally, use Cloudflare SSL to ensure encrypting communication between endpoints.

Alright, Thanks for this.

Is it possible to run n8n.io without docker container and nginx?

Yes, it is. It is however not recommended.

I successfully Installed in Docker. Looks like anyone with my IP address and Port can access the Workflow editor. Is there any way to protect with Username and Password?

Yes, you can simply activate basic-auth as documented here in the security section of the docs:
https://docs.n8n.io/reference/security.html

@Miquel_Colomer Thank you so much, buddy. I set the Static IP address for the docker container and generated a certificate with the help of LetsEncrypt and as per @jan told. I configured environment variables to use basic-auth.

It worked. Thanks

1 Like

Really happy to hear that it works now. Have fun!

1 Like