Stop paying monthly subscription fees and take full control of your automation workflows by hosting n8n on your own server. This step-by-step guide will walk you through the entire process, even if you’ve never touched a server before.
What is n8n and Why Self-Host?
n8n is a powerful workflow automation tool that connects different apps and services together. Think of it as a digital assistant that can automatically move data between your favorite tools, send notifications, process files, and much more.
Why self-host instead of using n8n’s cloud service?
- Cost savings: Pay once for server hosting instead of monthly subscriptions
- Complete control: No limits on workflows, executions, or data
- Privacy: Your data stays on your server, not someone else’s
- Customization: Install additional tools and configure everything your way
- Learning experience: Gain valuable technical skills
What You’ll Need
- Budget: $5-20/month for server hosting
- Time: 2-3 hours for initial setup
- Domain name: For accessing your n8n installation (optional but recommended)
- Basic computer skills: Ability to copy/paste commands and follow instructions
Step 1: Choosing and Buying a Hetzner Server
Hetzner is a German hosting provider known for excellent performance and fair pricing. They offer reliable servers perfect for self-hosting.
Which Server to Choose?
For n8n, I recommend starting with these specifications:
Recommended Server: CPX21
- CPU: 3 vCPU cores
- RAM: 4 GB
- Storage: 80 GB SSD
- Traffic: 20 TB
- Cost: Around €8.50/month (~$9/month)
This server can handle:
- 100+ simple workflows
- Medium complexity automations
- Small to medium business needs
- Room to grow
Budget Option: CPX11
- CPU: 2 vCPU cores
- RAM: 2 GB
- Storage: 40 GB SSD
- Cost: Around €4.50/month (~$5/month)
Good for personal use or just getting started.
Setting Up Your Hetzner Account
- Create account: Go to Hetzner Cloud and sign up
- Verify identity: Hetzner may ask for ID verification (standard security practice)
- Add payment method: Credit card or PayPal
- Create project: Give it a name like “n8n-automation”
Buying Your Server
- Click “Add Server” in your Hetzner dashboard
- Choose location: Pick the closest to your location (Frankfurt, Germany is usually good)
- Select image: Choose “Ubuntu 24.04”
- Choose server type: Select CPX21 (or CPX11 for budget)
- Add SSH key:
- If you don’t have one, don’t worry – we’ll use password authentication for now
- Skip this step for beginners
- Name your server: Something like “n8n-server”
- Click “Create & Buy Now”
Your server will be ready in about 2-3 minutes!
Step 2: Getting a Domain Name (Optional but Recommended)
While you can access n8n using your server’s IP address, having a proper domain makes everything easier and more professional.
Where to Buy a Domain
- Namecheap: User-friendly, good prices
- Cloudflare: Great for advanced users
- Your current provider: If you already have a website
Setting Up DNS
Once you have a domain (let’s say yourdomain.com):
- Find your server IP: In Hetzner dashboard, copy your server’s IP address
- Add DNS record: In your domain provider’s dashboard:
- Type: A
- Name: n8n
- Value: Your server’s IP address
- TTL: 300 (or Auto)
This creates n8n.yourdomain.com pointing to your server.
Step 3: Connecting to Your Server
Now we need to connect to your server to install everything. We’ll use SSH (Secure Shell) – think of it as a way to control your server remotely.
For Windows Users
- Download PuTTY: Free SSH client from putty.org
- Open PuTTY
- Enter details:
- Host Name: Your server’s IP address
- Port: 22
- Connection type: SSH
- Click “Open”
- Login:
- Username:
root - Password: Check your email from Hetzner for the temporary password
- Username:
For Mac/Linux Users
- Open Terminal
- Connect: Type
ssh root@YOUR_SERVER_IPand press Enter - Enter password: When prompted (you won’t see characters as you type)
First Login Security
After first login, you’ll be asked to change the password. Choose something strong!
Step 4: Preparing Your Server
Now we’ll prepare your server with all the necessary software. Don’t worry about understanding every command – just copy and paste them exactly.
Update Your System
# Update package lists
sudo apt update && sudo apt upgrade -y
# Install essential tools
sudo apt install curl wget git nginx ufw certbot python3-certbot-nginx -y
Install Docker
Docker helps us run n8n in an isolated, secure environment.
# Download Docker installation script
curl -fsSL https://get.docker.com -o get-docker.sh
# Run the installation
sudo sh get-docker.sh
# Add your user to docker group (allows running docker without sudo)
sudo usermod -aG docker $USER
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/download/v2.20.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
# Restart to apply changes
sudo reboot
After reboot, reconnect to your server using the same SSH method as before.
Step 5: Setting Up n8n
Now for the exciting part – installing n8n!
Create Directory Structure
# Create n8n directory
sudo mkdir -p /opt/n8n/{data,postgres-data,nginx}
sudo chown -R $USER:$USER /opt/n8n
cd /opt/n8n
Create Configuration Files
We need to create several configuration files. Copy each section exactly:
Environment Variables (stores all your settings):
cat > .env << 'EOF'
# Database Configuration
POSTGRES_USER=n8n_user
POSTGRES_PASSWORD=YOUR_SECURE_DB_PASSWORD_HERE
POSTGRES_DB=n8n_db
# n8n Security Keys (generate your own!)
N8N_ENCRYPTION_KEY=YOUR_32_CHARACTER_ENCRYPTION_KEY_HERE
N8N_USER_MANAGEMENT_JWT_SECRET=YOUR_JWT_SECRET_KEY_HERE
# Domain Configuration
N8N_HOST=n8n.yourdomain.com
N8N_PORT=5678
N8N_PROTOCOL=https
WEBHOOK_URL=https://n8n.yourdomain.com
# Security Settings
N8N_SECURE_COOKIE=true
N8N_USER_MANAGEMENT_DISABLED=false
N8N_RUNNERS_ENABLED=true
# Timezone (change to yours)
GENERIC_TIMEZONE=Europe/Berlin
EOF
Important: Replace the placeholder values:
YOUR_SECURE_DB_PASSWORD_HERE: Create a strong password (mix of letters, numbers, symbols)YOUR_32_CHARACTER_ENCRYPTION_KEY_HERE: Random 32-character stringYOUR_JWT_SECRET_KEY_HERE: Another random long stringn8n.yourdomain.com: Your actual domainEurope/Berlin: Your timezone
Docker Configuration (defines how n8n runs):
cat > docker-compose.yml << 'EOF'
version: '3.8'
services:
postgres:
image: postgres:15-alpine
container_name: n8n_postgres
environment:
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: ${POSTGRES_DB}
volumes:
- ./postgres-data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
restart: unless-stopped
networks:
- n8n-network
n8n:
image: n8nio/n8n:latest
container_name: n8n_app
environment:
DB_TYPE: postgresdb
DB_POSTGRESDB_HOST: postgres
DB_POSTGRESDB_PORT: 5432
DB_POSTGRESDB_DATABASE: ${POSTGRES_DB}
DB_POSTGRESDB_USER: ${POSTGRES_USER}
DB_POSTGRESDB_PASSWORD: ${POSTGRES_PASSWORD}
N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY}
N8N_USER_MANAGEMENT_JWT_SECRET: ${N8N_USER_MANAGEMENT_JWT_SECRET}
N8N_HOST: ${N8N_HOST}
N8N_PORT: ${N8N_PORT}
N8N_PROTOCOL: ${N8N_PROTOCOL}
WEBHOOK_URL: ${WEBHOOK_URL}
N8N_SECURE_COOKIE: ${N8N_SECURE_COOKIE}
N8N_USER_MANAGEMENT_DISABLED: ${N8N_USER_MANAGEMENT_DISABLED}
N8N_RUNNERS_ENABLED: ${N8N_RUNNERS_ENABLED}
GENERIC_TIMEZONE: ${GENERIC_TIMEZONE}
N8N_LOG_LEVEL: info
ports:
- "127.0.0.1:5678:5678"
volumes:
- ./data:/home/node/.n8n
depends_on:
postgres:
condition: service_healthy
restart: unless-stopped
networks:
- n8n-network
networks:
n8n-network:
driver: bridge
EOF
Step 6: Setting Up SSL/HTTPS Security
We’ll use nginx as a reverse proxy and Let’s Encrypt for free SSL certificates.
Configure Nginx
cat > nginx/n8n.conf << 'EOF'
server {
listen 80;
server_name n8n.yourdomain.com;
# Temporary location for SSL certificate generation
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl http2;
server_name n8n.yourdomain.com;
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/n8n.yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/n8n.yourdomain.com/privkey.pem;
# Security settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
# Security headers
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:5678;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
}
EOF
Remember to replace n8n.yourdomain.com with your actual domain!
Get SSL Certificate
# Copy nginx configuration
sudo cp nginx/n8n.conf /etc/nginx/sites-available/n8n.conf
sudo ln -s /etc/nginx/sites-available/n8n.conf /etc/nginx/sites-enabled/
# Test nginx configuration
sudo nginx -t
# Reload nginx
sudo systemctl reload nginx
# Get SSL certificate (replace with your domain and email)
sudo certbot --nginx -d n8n.yourdomain.com --email your-email@example.com --agree-tos --no-eff-email
Step 7: Starting n8n
The moment of truth! Let’s start n8n:
# Start all services
docker-compose up -d
# Check if everything is running
docker-compose ps
# View startup logs
docker-compose logs -f
If everything worked, you should see logs showing n8n starting up and connecting to the database.
Step 8: Setting Up the Firewall
Security is crucial! Let’s set up a firewall to protect your server:
# Reset firewall to defaults
sudo ufw --force reset
# Set default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing
# Allow essential services
sudo ufw limit ssh # SSH with rate limiting
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
# Block common attack ports
sudo ufw deny 23/tcp # Telnet
sudo ufw deny 135/tcp # RPC
sudo ufw deny 445/tcp # SMB
# Enable firewall
sudo ufw enable
# Check status
sudo ufw status
Step 9: First Time Setup
Now visit your domain: https://n8n.yourdomain.com
You should see the n8n welcome screen! 🎉
- Create your owner account: This is your admin user
- Set up your credentials: Choose a strong password
- Start building workflows: You now have full access to n8n!
Security Best Practices
Regular Updates
Update your system monthly:
# Update system packages
sudo apt update && sudo apt upgrade -y
# Update n8n
cd /opt/n8n
docker-compose pull
docker-compose up -d
# Reboot if kernel was updated
sudo reboot
Backup Strategy
Create regular backups:
# Create backup script
cat > /opt/n8n/backup.sh << 'EOF'
#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p /opt/n8n/backups
# Backup database
docker-compose exec postgres pg_dump -U n8n_user n8n_db > /opt/n8n/backups/n8n_backup_$DATE.sql
# Backup n8n data
tar -czf /opt/n8n/backups/n8n_data_$DATE.tar.gz ./data/
# Keep only last 7 backups
cd /opt/n8n/backups && ls -t | tail -n +8 | xargs -d '\n' rm -f --
EOF
chmod +x /opt/n8n/backup.sh
# Run backup manually
./backup.sh
# Set up automatic daily backups
echo "0 2 * * * /opt/n8n/backup.sh" | sudo crontab -
Monitor Your Server
Keep an eye on resource usage:
# Check system resources
htop
# Check disk usage
df -h
# Check n8n logs
cd /opt/n8n && docker-compose logs -f n8n
# Check service status
docker-compose ps
Additional Security Measures
Change SSH Port (advanced):
# Edit SSH config
sudo nano /etc/ssh/sshd_config
# Change 'Port 22' to 'Port 2222'
# Then restart SSH and update firewall
sudo systemctl restart ssh
sudo ufw allow 2222/tcp
sudo ufw delete allow ssh
Set up monitoring with tools like Uptime Robot to get notified if your server goes down.
Use SSH keys instead of passwords for even better security.
Troubleshooting Common Issues
n8n Won’t Start
# Check logs for errors
docker-compose logs n8n
# Common fix: restart services
docker-compose restart
Can’t Access via Domain
- Check DNS propagation (can take 24 hours)
- Verify nginx configuration:
sudo nginx -t - Check SSL certificate:
sudo certbot certificates
Server Running Slowly
- Upgrade to a larger server
- Check resource usage:
htop - Optimize workflows to be more efficient
Forgot n8n Password
# Reset user password (replace with your email)
docker-compose exec n8n n8n user:reset --email=your-email@example.com
Cost Breakdown
Monthly Costs:
- Hetzner server: €4.50-8.50 ($5-9)
- Domain name: $10-15/year ($1-2/month)
- Total: $6-11/month
vs. n8n Cloud pricing: $20+/month for similar features
Break-even: 2-3 months, then pure savings!
Conclusion
Congratulations! You now have your own n8n server running securely in the cloud. You’ve gained:
- Complete control over your automation workflows
- Significant cost savings compared to cloud services
- Privacy and security with your data on your own server
- Valuable technical skills for future projects
- Unlimited workflows and executions
What’s Next?
- Explore n8n’s hundreds of integrations
- Build your first automation workflow
- Join the n8n community for tips and templates
- Consider adding additional tools to your server
- Share your experience with others!
Need Help?
- n8n Documentation: docs.n8n.io
- Community Forum: community.n8n.io
- Hetzner Support: Available 24/7 for server issues
Remember: You did something many people think is too technical for them. You should be proud of taking control of your digital tools and learning these valuable skills!
Have you successfully self-hosted n8n? Share your experience in the comments below and let others know how it’s working for you!