How to Self‑Host n8n on Hetzner: Step‑by‑Step Guide

Uncategorized
By Azon Vault

Introduction

Looking for a powerful, open‑source workflow automation tool that you can run on your own server? n8n is a perfect choice, and Hetzner’s reliable VPS and dedicated‑server options make deployment a breeze. This guide walks you through the entire process—from provisioning a Hetzner instance to securing and running n8n in production.

Why Choose Hetzner for n8n?

  • Cost‑effective performance: High‑CPU and SSD storage at low monthly rates.
  • European data residency: Ideal for GDPR‑compliant workflows.
  • Simple networking: Flexible firewalls and easy static IP configuration.

Prerequisites

Before you start, make sure you have:

  • A Hetzner Cloud or Dedicated server (Ubuntu 22.04 LTS is recommended).
  • Root or sudo access.
  • A domain name (optional but recommended for SSL).
  • Docker installed – n8n runs best in a container.

Step 1 – Create a Hetzner Instance

  1. Log in to the Hetzner Cloud Console.
  2. Click Create Server and select:
    • Location: Frankfurt or Helsinki (closest to your users).
    • Server type: CX31 (2 vCPU, 8 GB RAM) is sufficient for most workloads.
    • OS: Ubuntu 22.04 LTS.
  3. Assign a static IPv4 address and give the server a recognizable name.
  4. Save the SSH key you’ll use for login.

Step 2 – Prepare the Server

Connect via SSH and update the system:

sudo apt update && sudo apt upgrade -y

Install Docker and Docker Compose:

curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh sudo usermod -aG docker $USER newgrp docker  sudo apt install -y docker-compose

Step 3 – Configure n8n with Docker Compose

Create a folder for the service and a docker-compose.yml file:

mkdir -p ~/n8n && cd ~/n8n cat > docker-compose.yml <<'EOF' version: '3.8' services:   n8n:     image: n8nio/n8n:latest     restart: unless-stopped     ports:       - "5678:5678"     environment:       - DB_TYPE=sqlite       - DB_SQLITE_VACUUM_ON_STARTUP=true       - N8N_BASIC_AUTH_ACTIVE=true       - N8N_BASIC_AUTH_USER=${{ secrets.N8N_USER }}       - N8N_BASIC_AUTH_PASSWORD=${{ secrets.N8N_PASSWORD }}       - N8N_HOST=yourdomain.com       - N8N_PORT=5678       - N8N_PROTOCOL=https     volumes:       - ./n8n-data:/home/node/.n8n EOF

Replace yourdomain.com with your actual domain. Store the basic‑auth credentials securely (you can use Hetzner’s secrets feature or an .env file).

Step 4 – Obtain a Free SSL Certificate

n8n expects HTTPS in production. Use Certbot with the Docker container:

sudo apt install -y certbot sudo certbot certonly --standalone -d yourdomain.com

After the certificate is generated, map it into the container by adding the following lines to docker-compose.yml under the volumes section:

- /etc/letsencrypt/live/yourdomain.com/fullchain.pem:/etc/ssl/certs/fullchain.pem - /etc/letsencrypt/live/yourdomain.com/privkey.pem:/etc/ssl/private/privkey.pem

Step 5 – Launch n8n

docker compose up -d

Verify that the service is running:

docker ps | grep n8n

Open https://yourdomain.com in a browser, log in with the basic‑auth credentials, and you’re ready to start building workflows.

Step 6 – Harden Security

  • Firewall: Enable Hetzner’s cloud firewall to allow only ports 22 (SSH), 80/443 (HTTP/HTTPS), and 5678 (internal if needed).
  • Fail2Ban: Install to block brute‑force SSH attempts.
  • Automatic backups: Schedule a daily snapshot of the n8n-data volume.

FAQ

Do I need a dedicated server for n8n?
No. A small Hetzner Cloud instance (2 vCPU, 4‑8 GB RAM) handles most automation scenarios.
Can I use PostgreSQL instead of SQLite?
Absolutely. Set DB_TYPE=postgresdb and provide the connection URL in environment.
How do I update n8n?
Run docker compose pull && docker compose up -d to pull the latest image and restart the service.
Is basic authentication enough?
For internal tools it’s fine, but consider OAuth2 or SSO for enterprise environments.
What if I need more storage?
Attach a Hetzner volume and mount it to /home/node/.n8n in the Compose file.

Conclusion

Self‑hosting n8n on Hetzner gives you full control over your automation, data privacy, and costs. With Docker, SSL, and a few security tweaks, you’ll have a production‑ready workflow engine in minutes.

Call to Action

Ready to automate your processes without handing over data to third‑party SaaS? Create a Hetzner server now, follow this guide, and start building powerful n8n workflows today!

Azon Vault 5838 posts 0 comments
You might also like More from author

Comments are closed, but trackbacks and pingbacks are open.