Skip to main content

Instalación n8n Community en Nexus

(Docker + PostgreSQL host + Nginx + UFW)

Infraestructura base

  • Servidor: Nexus (Debian 13)
  • Docker + Docker Compose
  • PostgreSQL 17 en el host
  • Nginx como reverse proxy
  • UFW activo
  • Dominio: n8n.nube42.es
  • Certificados: Let's Encrypt vía certbot --nginx

1. Base de datos PostgreSQL (host)

1.1 Generar contraseña segura

openssl rand -base64 48

1.2 Crear usuario y base de datos

sudo -u postgres psql

CREATE USER n8n WITH PASSWORD 'PASSWORD_GENERADA'; CREATE DATABASE n8n OWNER n8n; GRANT ALL PRIVILEGES ON DATABASE n8n TO n8n; \q{=tex}

1.3 Verificación

psql "host=127.0.0.1 port=5432 dbname=n8n user=n8n password=PASSWORD_GENERADA" -c "select now();"

2. Permitir acceso Docker → PostgreSQL

2.1 Detectar red Docker

sudo docker network inspect n8n_default --format '{{range .IPAM.Config}}{{.Subnet}} {{.Gateway}}{{end}}'

Resultado típico: 172.18.0.0/16 172.18.0.1

2.2 Ajustar postgresql.conf

sudo -u postgres psql -tAc "SHOW config_file;" sudo pico /etc/postgresql/17/main/postgresql.conf

listen_addresses = '127.0.0.1,172.17.0.1'

sudo systemctl restart postgresql

2.3 Ajustar pg_hba.conf

sudo -u postgres psql -tAc "SHOW hba_file;" sudo pico /etc/postgresql/17/main/pg_hba.conf

Docker network n8n_default

host n8n n8n 172.18.0.0/16 scram-sha-256 hostssl n8n n8n 172.18.0.0/16 scram-sha-256

sudo systemctl reload postgresql

2.4 UFW

sudo ufw allow in from 172.18.0.0/16 to 172.17.0.1 port 5432 proto tcp

Verificación:

sudo docker run --rm --network n8n_default -e PGPASSWORD='PASSWORD' postgres:16-alpine psql -h 172.17.0.1 -p 5432 -U n8n -d n8n -c "select now();"

3. Preparación estructura n8n

sudo mkdir -p /opt/n8n/data sudo chown -R 1000:1000 /opt/n8n/data sudo chmod 700 /opt/n8n/data

openssl rand -hex 32

4. Archivo .env (/opt/n8n/.env)

TZ=Atlantic/Canary NODE_ENV=production N8N_PORT=5678

N8N_HOST=n8n.nube42.es N8N_PROTOCOL=https WEBHOOK_URL=https://n8n.nube42.es/ N8N_EDITOR_BASE_URL=https://n8n.nube42.es/ N8N_PROXY_HOPS=1

N8N_ENCRYPTION_KEY=CLAVE_GENERADA

DB_TYPE=postgresdb DB_POSTGRESDB_HOST=172.17.0.1 DB_POSTGRESDB_PORT=5432 DB_POSTGRESDB_DATABASE=n8n DB_POSTGRESDB_USER=n8n DB_POSTGRESDB_PASSWORD=PASSWORD_GENERADA

N8N_DIAGNOSTICS_ENABLED=false N8N_VERSION_NOTIFICATIONS_ENABLED=false N8N_TEMPLATES_ENABLED=false

5. docker-compose.yml (/opt/n8n/docker-compose.yml)

services: n8n: image: n8nio/n8n:latest restart: unless-stopped env_file: - .env ports: - "127.0.0.1:5678:5678" volumes: - ./data:/home/node/.n8n

Levantar:

cd /opt/n8n sudo docker compose up -d

Verificación:

sudo docker logs --tail=120 n8n-n8n-1 curl -I http://127.0.0.1:5678/

6. Nginx Reverse Proxy (/etc/nginx/sites-available/n8n)

server { listen 80; server_name n8n.nube42.es;

location / {
    proxy_pass http://127.0.0.1:5678;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_http_version 1.1;
    proxy_set_header Connection "";
    proxy_buffering off;
}

}

Activar:

sudo ln -s /etc/nginx/sites-available/n8n /etc/nginx/sites-enabled/ sudo nginx -t && sudo systemctl reload nginx

7. Certificado HTTPS

sudo certbot --nginx -d n8n.nube42.es

Verificación:

curl -I https://n8n.nube42.es

Estado final

  • n8n operativo en Docker
  • PostgreSQL en host
  • Red Docker autorizada en UFW
  • pg_hba correctamente configurado
  • HTTPS activo

Acceso: https://n8n.nube42.es

Back to top