- Installed Linux on the server machine.
- In your domain provider, add a DNS record:
- Type: A
- Domain: your-domain.com
- IP: your router's static IP (WAN IP)
sudo apt updatesudo apt install docker.iosudo systemctl start dockersudo systemctl enable docker- Go to WAN > Virtual Server / Port Forwarding tab in your router settings
- Enable port forwarding:
- Service Name: Your preferred name
- Protocol: TCP
- External Port: 443 (use 443 for HTTPS, 80 for HTTP, or 5678 for n8n directly with the built-in Apache2 of Debian)
- Internal Port: Same as the external port (443, 80, or 5678)
- Internal IP Address: The internal IP of your home server (use ifconfig to check)
- Source IP: Empty
To configure your firewall to allow only traffic on port 443 (HTTPS) using UFW (Uncomplicated Firewall) on a Debian server:
Deny all incoming connections by default:
Deny All Incoming Connections (if not already set): This ensures that all incoming connections are blocked by default, except those explicitly allowed.
Note: If you're using SSH (usually on port 22), make sure to allow this port as well or skip this step if you only need access through the port defined in the previous step.
sudo ufw default deny incomingAllow Outgoing Connections (if not already set): Allows all outgoing connections (usually the default setting).
sudo ufw default allow outgoingAllow HTTPS Traffic on Port 443: Allow incoming traffic on port 443 for HTTPS.
sudo ufw allow 443/tcpRemove Existing Rules for Port 80 (if necessary): If you previously allowed port 80 (HTTP) and want to block it, you can remove that rule:
sudo ufw delete allow 80/tcpEnable UFW (if it’s not already enabled):
sudo ufw enableCheck UFW Status: Verify the firewall rules with:
sudo ufw status verboseEnsure that only port 443 is allowed.
Remove Other Incoming Rules (if needed): If other ports like 5678 are still allowed, you can remove them:
sudo ufw delete allow 5678/tcpTo run n8n with Docker, use the following command:
sudo docker run -d --restart unless-stopped -it \
--name n8n \
-p 5678:5678 \
-e N8N_HOST="your-domain.com" \
-e WEBHOOK_TUNNEL_URL="https://your-domain.com/" \
-e WEBHOOK_URL="https://your-domain.com/" \
-v ~/.n8n:/root/.n8n \
n8nio/n8nsudo apt install nginxsudo nano /etc/nginx/sites-available/n8n.confAdd the following configuration for Nginx:
Important: If you're using HTTPS, the port forwarding must be set to 443 for HTTPS, 80 for HTTP, or 5678 for n8n using the built-in Apache2 server in Debian.
server {
server_name your-domain.com;
location / {
proxy_pass http://localhost:5678;
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}Create a symbolic link to enable the configuration:
sudo ln -s /etc/nginx/sites-available/n8n.conf /etc/nginx/sites-enabled/Test the Nginx configuration for errors:
sudo nginx -tRestart Nginx to apply the changes:
sudo systemctl restart nginxIf you encounter an error related to missing configuration files, follow these steps to remove existing configuration files:
sudo rm -rf /etc/nginx/sites-available/*
sudo rm -rf /etc/nginx/sites-enabled/*Then, repeat the Nginx configuration steps.
If you receive an error indicating that port 80 is already in use, check if Apache2 is using the port:
sudo netstat -tulpn | grep ':80'If Apache2 is running, stop it:
sudo systemctl stop apache2Install Certbot and the necessary Nginx plugin:
sudo apt install certbot python3-certbot-nginx- Obtain an SSL Certificate To obtain an SSL certificate for your domain:
sudo certbot --nginx -d your-domain.comTo check the certificate, you can use SSL Labs