I am self hosting n8n and I’ve succesfully setup my first workflow.
In order to secure the instance I’ve set WEBHOOK_URL=https://${TAILSCALE_DOMAIN}/ env var so that the web interface is only available over my private network, but the webhooks are available over the public internet.
https://n8n.funny-name.ts.net (private tailscale network)
https://webhook.funny-name.ts.net (public webhook URL)
While this works for webhooks, it breaks the OAuth Callback URL because the URL is looking for the public webhook URL (https://webhook.funny-name.ts.net} but n8n is only responding to /rest/oauth2-credential/callback on the private interface (https://n8n.funny-name.ts.net )
HOME=/home/node
HOSTNAME=48ee3d5e830d
N8N_HOST=0.0.0.0
N8N_PORT=5678
N8N_RELEASE_TYPE=stable
PUBLIC_DOMAIN=webhook.funny-name.ts.net
WEBHOOK_URL=https://webhook.funny-name.ts.net/
The host is behind a caddy reverse proxy and I’ve even tried having caddy try and spoof the URL with no luck.
Is this a bug? Or how to host the callback url publically along side the webhooks while keeping the web interface private?
Information on your n8n setup
- n8n version: [1.104.x]
- Database: [SQLite]
- n8n EXECUTIONS_PROCESS setting (own]:
- Running n8n via (Docker Compse]:
- Operating system: Debian12/Docker