Docker Compose#

这些说明介绍了如何使用 Docker Compose 在 Linux 服务器上运行 n8n。

¥These instructions cover how to run n8n on a Linux server using Docker Compose.

如果你已经安装了 Docker 和 Docker Compose，则可以从步骤 3 开始。

¥If you have already installed Docker and Docker-Compose, then you can start with step 3.

你可以在 n8n-hosting 代码仓库中找到适用于各种架构的 Docker Compose 配置。

¥You can find Docker Compose configurations for various architectures in the n8n-hosting repository.

Self-hosting knowledge prerequisites

Self-hosting n8n requires technical knowledge, including:

Setting up and configuring servers and containers
Managing application resources and scaling
Securing servers and applications
Configuring n8n

n8n recommends self-hosting for expert users. Mistakes can lead to data loss, security issues, and downtime. If you aren't experienced at managing servers, n8n recommends n8n Cloud.

Latest and Next versions

n8n releases a new minor version most weeks. The latest version is for production use. next is the most recent release. You should treat next as a beta: it may be unstable. To report issues, use the forum.

Current latest: 1.122.5 Current next: 1.123.2

1. 安装 Docker 和 Docker Compose#

¥ Install Docker and Docker Compose

Docker 和 Docker Compose 的安装方式取决于你的 Linux 发行版。你可以在以下链接中找到每个组件的具体说明：

¥The way that you install Docker and Docker Compose depends on your Linux distribution. You can find specific instructions for each component in the links below:

按照安装说明操作后，输入以下命令验证 Docker 和 Docker Compose 是否可用：

¥After following the installation instructions, verify that Docker and Docker Compose are available by typing:

docker --version
docker compose version

2. 可选的：非 root 用户访问#

¥ Optional: Non-root user access

你可以选择授予在不使用 sudo 命令的情况下运行 Docker 的权限。

¥You can optionally grant access to run Docker without the sudo command.

要授予你当前登录用户访问权限（假设他们拥有 sudo 访问权限），请运行：

¥To grant access to the user that you're currently logged in with (assuming they have sudo access), run:

sudo usermod -aG docker ${USER}
# Register the `docker` group membership with current session without changing your primary group
exec sg docker newgrp

要授予其他用户访问权限，请键入以下命令，并将 <USER_TO_RUN_DOCKER> 替换为相应的用户名：

¥To grant access to a different user, type the following, substituting <USER_TO_RUN_DOCKER> with the appropriate username:

sudo usermod -aG docker <USER_TO_RUN_DOCKER>

你需要从该用户的任何现有会话运行 exec sg docker newgrp，以便其访问新的组权限。

¥You will need to run exec sg docker newgrp from any of that user's existing sessions for it to access the new group permissions.

你可以通过输入以下命令来验证当前会话是否识别 docker 组：

¥You can verify that your current session recognizes the docker group by typing:

groups

3. DNS 设置#

¥ DNS setup

要在线或通过网络托管 n8n，请创建一个指向你服务器的专用子域名。

¥To host n8n online or on a network, create a dedicated subdomain pointed at your server.

添加一条 A 记录，以便相应地路由子域名：

¥Add an A record to route the subdomain accordingly:

记录类型	名称	目标位置
A	`n8n`(或你所需的子域名)	`<your_server_IP_address>`

4. 创建 `.env` 文件#

¥ Create an .env file

创建一个项目目录来存储你的 n8n 环境配置和 Docker Compose 文件，并导航到该目录：

¥Create a project directory to store your n8n environment configuration and Docker Compose files and navigate inside:

mkdir n8n-compose
cd n8n-compose

在 n8n-compose 目录中，创建一个 .env 文件来自定义 n8n 实例的详细信息。将其更改为与你自己的信息匹配：

¥Inside the n8n-compose directory, create an .env file to customize your n8n instance's details. Change it to match your own information:

.env file
# DOMAIN_NAME and SUBDOMAIN together determine where n8n will be reachable from
# The top level domain to serve from
DOMAIN_NAME=example.com

# The subdomain to serve from
SUBDOMAIN=n8n

# The above example serve n8n at: https://n8n.example.com

# Optional timezone to set which gets used by Cron and other scheduling nodes
# New York is the default value if not set
GENERIC_TIMEZONE=Europe/Berlin

# The email address to use for the TLS/SSL certificate creation
SSL_EMAIL=user@example.com

5. 创建本地文件目录#

¥ Create local files directory

在项目目录中，创建一个名为 local-files 的目录，用于在 n8n 实例和主机系统之间共享文件（例如，使用从磁盘节点读取/写入文件）：

¥Inside your project directory, create a directory called local-files for sharing files between the n8n instance and the host system (for example, using the Read/Write Files from Disk node):

1	`mkdir local-files`

下面的 Docker Compose 文件可以自动创建此目录，但手动创建可确保其具有正确的所有权和权限。

¥The Docker Compose file below can automatically create this directory, but doing it manually ensures that it's created with the right ownership and permissions.

6. 创建 Docker Compose 文件#

¥ Create Docker Compose file

创建 compose.yaml 文件将以下内容粘贴到文件中：

¥Create a compose.yaml file. Paste the following in the file:

compose.yaml file
services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - traefik_data:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro

  n8n:
    image: docker.n8n.io/n8nio/n8n
    restart: always
    ports:
      - "127.0.0.1:5678:5678"
    labels:
      - traefik.enable=true
      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.n8n.tls=true
      - traefik.http.routers.n8n.entrypoints=web,websecure
      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
      - traefik.http.middlewares.n8n.headers.STSPreload=true
      - traefik.http.routers.n8n.middlewares=n8n@docker
    environment:
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
      - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME}
      - N8N_PORT=5678
      - N8N_PROTOCOL=https
      - N8N_RUNNERS_ENABLED=true
      - NODE_ENV=production
      - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/
      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
      - TZ=${GENERIC_TIMEZONE}
    volumes:
      - n8n_data:/home/node/.n8n
      - ./local-files:/files

volumes:
  n8n_data:
  traefik_data:

上面的 Docker Compose 文件配置了两个容器：一个用于 n8n，一个用于运行 traefik（一个用于管理 TLS/SSL 证书和处理路由的应用代理）。

¥The Docker Compose file above configures two containers: one for n8n, and one to run traefik, an application proxy to manage TLS/SSL certificates and handle routing.

它还会创建并挂载两个 Docker 卷目录，并挂载你之前创建的 local-files 目录：

¥It also creates and mounts two Docker Volumes and mounts the local-files directory you created earlier:

名称	类型	容器挂载	描述
`n8n_data`	Volume	`/home/node/.n8n`	n8n 保存其 SQLite 数据库文件和加密密钥。
`traefik_data`	Volume	`/letsencrypt`	traefik 保存 TLS/SSL 证书数据。
`./local-files`	Bind	`/files`	n8n 实例和主机之间共享的本地目录。在 n8n 中，使用 `/files` 路径从该目录读取和写入数据。

7. 启动 Docker Compose#

¥ Start Docker Compose

输入以下内容启动 n8n：

¥Start n8n by typing:

sudo docker compose up -d

要停止容器，请键入：

¥To stop the containers, type:

sudo docker compose stop

8. 完成#

¥ Done

现在你可以使用在 .env 文件配置中定义的子域名 + 域名组合访问 n8n。以上示例将生成 https://n8n.example.com。

¥You can now reach n8n using the subdomain + domain combination you defined in your .env file configuration. The above example would result in https://n8n.example.com.

n8n 仅支持通过安全的 HTTPS 访问，不支持普通的 HTTP 访问。

¥n8n is only accessible using secure HTTPS, not over plain HTTP.

如果你无法访问实例，请检查服务器的防火墙设置和 DNS 配置。

¥If you have trouble reaching your instance, check your server's firewall settings and your DNS configuration.

下一步步骤#

¥Next steps

Learn more about configuring and scaling n8n.
Or explore using n8n: try the Quickstarts.