stacks/n8n/compose.yml

services:
  n8n:
    image: n8nio/n8n:latest
    container_name: n8n
    environment:
      TZ: ${TIMEZONE:-Europe/Amsterdam}
      N8N_HOST: ${TRAEFIK_HOST}
      N8N_PORT: 5678
      N8N_PROTOCOL: https
      WEBHOOK_URL: https://${TRAEFIK_HOST}/
      N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY}
      DB_TYPE: postgresdb
      DB_POSTGRESDB_HOST: n8n_db
      DB_POSTGRESDB_PORT: 5432
      DB_POSTGRESDB_DATABASE: n8n
      DB_POSTGRESDB_USER: n8n
      DB_POSTGRESDB_PASSWORD: n8n
    volumes:
      - ../.data/n8n/data:/home/node/.n8n
    depends_on:
      db:
        condition: service_healthy
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.n8n-redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.n8n-web.middlewares=n8n-redirect-web-secure"
      - "traefik.http.routers.n8n-web.rule=Host(`${TRAEFIK_HOST}`)"
      - "traefik.http.routers.n8n-web.entrypoints=web"
      - "traefik.http.routers.n8n-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
      - "traefik.http.routers.n8n-web-secure.tls.certresolver=resolver"
      - "traefik.http.routers.n8n-web-secure.entrypoints=web-secure"
      - "traefik.http.routers.n8n-web-secure.middlewares=security-headers@file,no-index@file"
      - "traefik.http.services.n8n-web-secure.loadbalancer.server.port=5678"
      - "traefik.docker.network=${NETWORK_NAME}"
    networks:
      - compose_network
  db:
    image: postgres:16-alpine
    container_name: n8n_db
    environment:
      POSTGRES_DB: n8n
      POSTGRES_USER: n8n
      POSTGRES_PASSWORD: n8n
    volumes:
      - ../.data/n8n/db:/var/lib/postgresql/data
    restart: always
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - compose_network
networks:
  compose_network:
    name: ${NETWORK_NAME}
    external: true