I’ve been trying to set up n8n (master/worker) with caddy reverse proxy and external postgresdb and redis on digitalocean without success, I set up 2 managed databases (1 redis(v7) and 1 postgresdb(v15)) and allowed traffic to/from the n8n droplet.
I created a new user for n8n and a new db for n8n with the same name.
I cloned the official docker + caddy git, and followed this guide
(A records + volume creation + caddy config)
I saw that Digitalocean requires SSL connection so I uploaded the CA cert as well
# Path where you created folders earlier.
# Change this if you didn't create them in the repo checked out in the root directory.
DATA_FOLDER=/root/n8n-docker-caddy
# The top level domain to serve from, this should be the same as the subdomain you created above
DOMAIN_NAME=mydomain.com
# The subdomain to serve from
SUBDOMAIN=mysubdomain
# DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from
# above example would result in: https://n8n.example.com
# Optional timezone to set which gets used by Cron-Node by default
# If not set New York time will be used
GENERIC_TIMEZONE=Europe/Berlin
# The email address to use for the SSL certificate creation
[email protected]
I would maybe start with a single instance on something like SQlite first just to make sure it works then bring in the other components. For this case though the issue could be a few things, The one I think it is though is we don’t support TLS for Redis at the moment.
If you try dropping the queue mode settings and remove redis and see if that works it will help confirm if that is the case.
I removed the postgres and redis, n8n started up fine.
I tried readding only redis (I think they don’t force TLS for that, at least they dont mention it in the panel).
(if execution_mode is not set, it seems to ignore redis parameters because i put a wrong host on purpose and everything seemed to work fine)
with the execution mode set, its unable to connect, showing:
Redis unavailable - trying to reconnect…
until it exits.
(ufw is disabled, no firewall is enabled on DO droplet and I tried also opening up the DB to all incoming connections, no go)
leaving only the postgresdb, will also crash the n8n,
as far as i see all credentials are correct, its just not able to access the managed DO databases but I have no idea why, is PG 15 and Redis 7 supported or maybe I need an earlier version
Using the node connecting to the postgres works (only if “Ignore SSL issues” is enabled, i dont see anywhere to insert a ca-certificate in the credentials)
one thing to note, the DB is completely empty, should I initialize it with any tables?
noticed that this was missing
DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false
The database tables will be created once it connects so you won’t have to do anything there, can you try setting DB_LOGGING_ENABLED to true and DB_LOGGING_OPTIONS to all then start up the container and see if it logs anything extra? You may also need to set DEBUG to *
GRANT ALL ON DATABASE dbname TO dbuser;
ALTER DATABASE dbname OWNER TO dbuser;
GRANT USAGE, CREATE ON SCHEMA PUBLIC TO dbuser;
and now it works!
thanks
Regarding redis and getting it to work, as far as i can see there is no way to disable TLS on managed database, so I need to set up a separate redis droplet and have all the worker nodes connected to it?
Hope that TLS will be supported soon