Guide: how do i host n8n workflows with full control?
You can host n8n workflows with full control on a VPS by running n8n in Docker, using a persistent database, and managing it with systemd. This page gives a clear, practical setup so you control updates, data, and access. The direct answer: run n8n in Docker Compose on your VPS, attach a Postgres volume, set an encryption key, and run a systemd service for automatic startup.
How do i host n8n workflows with full control? What You Need
List the required items before you begin. Keep each item small and specific.
- VPS with Ubuntu 22.04 or similar, 2+ GB RAM.
- Root access or a user with sudo privileges.
- Docker and docker-compose installed.
- Node.js (optional for custom npm scripts) and git.
- A domain name and TLS (nginx or Caddy recommended).
Step 1: Prepare the VPS
Update packages and install basic tools. Run these commands as sudo.
sudo apt update && sudo apt upgrade -y
sudo apt install -y git curl opensslStep 2: Install Docker and docker-compose
Install Docker CE and docker-compose plugin. These commands work on Ubuntu.
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER
sudo apt install -y docker-compose-pluginLog out and back in if you added your user to the docker group.
Step 3: Create Docker Compose for n8n and Postgres
Create a project folder and a simple docker-compose.yml. This file runs Postgres and n8n with persistent volumes.
mkdir ~/n8n && cd ~/n8n
cat > docker-compose.yml <<'YAML'
version: '3.8'
services:
db:
image: postgres:14
restart: unless-stopped
environment:
POSTGRES_USER: n8n
POSTGRES_PASSWORD: n8npassword
POSTGRES_DB: n8n
volumes:
- db_data:/var/lib/postgresql/data
n8n:
image: n8nio/n8n:latest
restart: unless-stopped
ports:
- '5678:5678'
environment:
- DB_TYPE=postgresdb
- DB_POSTGRESDB_HOST=db
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_USER=n8n
- DB_POSTGRESDB_PASSWORD=n8npassword
- N8N_BASIC_AUTH_ACTIVE=true
- N8N_BASIC_AUTH_USER=admin
- N8N_BASIC_AUTH_PASSWORD=changeme
- N8N_ENCRYPTION_KEY=REPLACE_WITH_RANDOM_KEY
depends_on:
- db
volumes:
db_data:
YAMLReplace passwords and set a secure ENCRYPTION_KEY next.
Step 4: Generate a secure encryption key
Use openssl to generate a random key. Keep it secret.
openssl rand -base64 32
# Copy the output and place it in docker-compose.yml as N8N_ENCRYPTION_KEYStep 5: Start n8n with Docker Compose
From the project folder, bring services up in the background.
cd ~/n8n
docker compose up -dCheck logs with:
docker compose logs -f n8nStep 6: Run n8n as a systemd service (optional)
Create a systemd unit to ensure Docker Compose runs on boot. Save this as /etc/systemd/system/n8n.service.
[Unit]
Description=n8n Docker Compose
After=network.target docker.service
[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/home/youruser/n8n
ExecStart=/usr/bin/docker compose up -d
ExecStop=/usr/bin/docker compose down
User=youruser
[Install]
WantedBy=multi-user.targetThen enable and start the service:
sudo systemctl daemon-reload
sudo systemctl enable --now n8n.service
sudo systemctl status n8n.serviceUpdate
To update n8n, pull the new image and recreate containers. Use these commands.
cd ~/n8n
docker compose pull n8n
docker compose up -d --remove-orphans
# If using systemd, restart the service
sudo systemctl restart n8n.serviceSecurity
Basic security tips to keep your setup safe.
- Use TLS with a reverse proxy (nginx or Caddy) and never expose port 5678 publicly.
- Set strong N8N_ENCRYPTION_KEY and basic auth credentials.
- Run Postgres with a separate strong password and backups of volumes.
- Keep Docker images and the host OS updated regularly.
- Use a firewall (ufw) to allow only needed ports.
Done
You now have n8n hosted with full control on your VPS. You run it in Docker, persist data in Postgres, and manage it with systemd. Monitor logs and update images as shown. Adjust TLS and backups to match your production needs.
