initial commit

2021-11-10 11:22:37 +00:00 · 2021-11-10 11:22:37 +00:00 · 6c851a37ab
commit 6c851a37ab
3 changed files with 107 additions and 0 deletions
--- a/.env.sample
+++ b/.env.sample
@ -0,0 +1,16 @@
+TYPE=n8n
+
+DOMAIN=n8n.example.com
+
+## Domain aliases
+#EXTRA_DOMAINS=', `www.n8n.example.com`'
+LETS_ENCRYPT_ENV=production
+
+POSTGRES_USER=changeUser
+POSTGRES_DB=n8n
+POSTGRES_NON_ROOT_USER=changeUser
+N8N_BASIC_AUTH_USER=changeserU
+
+SECRET_DB_NON_ROOT_PASSWORD_VERSION=v1
+SECRET_DB_PASSWORD_VERSION=v1
+SECRET_ADMIN_PASSWORD_VERSION=v1
--- a/compose.yml
+++ b/compose.yml
@ -0,0 +1,78 @@
+---
+
+version: '3.8'
+
+services:
+  db:
+    image: postgres:11
+    restart: always
+    networks:
+      - internal_network
+    environment:
+      - POSTGRES_USER=root
+      - POSTGRES_PASSWORD=test
+      # - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+      - POSTGRES_DB=n8n
+      # - POSTGRES_NON_ROOT_USER
+    # volumes:
+    #   - ./init-data.sh:/docker-entrypoint-initdb.d/init-data.sh
+
+  n8n:
+    image: n8nio/n8n
+    restart: always
+    environment:
+      - DB_TYPE=postgresdb
+      - DB_POSTGRESDB_HOST=db
+      - DB_POSTGRESDB_PORT=5432
+      - DB_POSTGRESDB_DATABASE=n8n #${POSTGRES_DB}
+      - DB_POSTGRESDB_USER=root #${POSTGRES_NON_ROOT_USER}
+      - DB_POSTGRESDB_PASSWORD=test
+      # - DB_POSTGRESDB_PASSWORD_FILE=/run/secrets/db_password
+      - N8N_BASIC_AUTH_ACTIVE=true
+      - N8N_BASIC_AUTH_USER=test
+      - N8N_BASIC_AUTH_PASSWORD=test
+      # - N8N_BASIC_AUTH_PASSWORD_FILE=/run/secrets/admin_password
+    ports:
+      - 5678:5678
+    networks:
+      - proxy
+      - internal_network
+    volumes:
+      - n8n:/home/node/.n8n
+    # Wait 5 seconds to start n8n to make sure that PostgreSQL is ready
+    # when n8n tries to connect to it
+    command: /bin/sh -c "sleep 5; n8n start"
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+      labels:
+        - "traefik.enable=true"
+        - "traefik.docker.network=proxy"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=5678"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+
+# secrets:
+#   db_non_root_password:
+#     external: true
+#     name: ${STACK_NAME}_db_non_root_password_${SECRET_DB_NON_ROOT_PASSWORD_VERSION}
+#   db_password:
+#     external: true
+#     name: ${STACKNAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
+#   admin_password:
+#     external: true
+#     name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
+
+volumes:
+  n8n:
+
+networks:
+  proxy:
+    external: true
+  internal_network:
+    internal: true
--- a/init-data.sh
+++ b/init-data.sh
@ -0,0 +1,13 @@
+#!/bin/bash
+set -e;
+
+POSTGRES_NON_ROOT_PASSWORD=$(cat /run/secrets/db_non_root_password)
+
+if [ -n "${POSTGRES_NON_ROOT_USER:-}" ] && [ -n "${POSTGRES_NON_ROOT_PASSWORD:-}" ]; then
+	psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+		CREATE USER ${POSTGRES_NON_ROOT_USER} WITH PASSWORD '${POSTGRES_NON_ROOT_PASSWORD}';
+		GRANT ALL PRIVILEGES ON DATABASE ${POSTGRES_DB} TO ${POSTGRES_NON_ROOT_USER};
+	EOSQL
+else
+	echo "SETUP INFO: No Environment variables given!"
+fi