Local n8n with Cloudflare

This repository contains the configuration files to run n8n locally with PostgreSQL and expose it securely to the internet using Cloudflare Tunnel.

This setup is detailed in the blog post: Install n8n locally using Cloudflare

Overview

The setup includes:

• n8n: Workflow automation tool
• PostgreSQL 16: Database backend for n8n
• Cloudflare Tunnel: Secure tunnel to expose n8n to the internet without opening ports

Prerequisites

• Docker and Docker Compose
• A Cloudflare account
• A domain managed by Cloudflare

Quick Start

1. Clone the repository

   git clone <repository-url>
   cd local-n8n-with-cloudflare

2. Configure environment variables

   cp .env.sample .env

   Edit .env and update the following values:

   • PUBLIC_DOMAIN: Your public domain (e.g., n8n.yourdomain.com)
   • POSTGRES_PASSWORD: Secure password for PostgreSQL root user
   • POSTGRES_NON_ROOT_PASSWORD: Secure password for n8n database user
   • N8N_ENCRYPTION_KEY: Generate using openssl rand -hex 32
   • CLOUDFLARE_TUNNEL_TOKEN: Token from your Cloudflare Tunnel configuration
   • GENERIC_TIMEZONE: Your timezone (e.g., Europe/London)

3. Start the services

   docker compose up -d

4. Access n8n

   Navigate to https://your-configured-domain.com to access your n8n instance.

Architecture

The setup uses three Docker containers:

• postgres: PostgreSQL database with automatic initialization of non-root user
• n8n: The n8n application configured to use PostgreSQL and HTTPS
• cloudflared: Cloudflare Tunnel daemon for secure internet access

Two Docker networks are configured:

• backend: Internal network for n8n and PostgreSQL communication
• cloudflare: Network for Cloudflare Tunnel to access n8n

Configuration Details

PostgreSQL Initialization

The init-data.sh script automatically:

• Creates a non-root PostgreSQL user for n8n
• Grants appropriate permissions on the database and schema
• Sets up default privileges for future objects

n8n Configuration

Key n8n environment variables:

• Uses PostgreSQL as the database backend
• Configured for HTTPS with webhook support
• Persistent storage in Docker volumes
• Local files directory mounted at ./local-files

Cloudflare Tunnel

The tunnel is configured to route traffic from your public domain to the local n8n instance running on port 5678.

Data Persistence

Two Docker volumes ensure data persistence:

• db_storage: PostgreSQL database files
• n8n_data: n8n workflows, credentials, and settings

Stopping the Services

docker compose down

To remove all data including volumes:

docker compose down -v

Troubleshooting

Check service logs:

docker compose logs -f

Check specific service:

docker compose logs -f n8n
docker compose logs -f postgres
docker compose logs -f cloudflared

Security Notes

• Always use strong, unique passwords for database credentials
• Generate a secure encryption key for n8n
• Keep your Cloudflare Tunnel token secure and never commit it to version control
• The .env file is gitignored to prevent accidental exposure of secrets

More details

See the blog post for more details: https://www.russ.cloud/2025/10/04/install-n8n-locally-using-cloudflare/