Docker Compose N8N Postgres e Redis

Crei uma stack de docker compose para execução do N8N com persistência em bando de dados Postgres, com Redis e Workers.

Todo contéudo está disponível no github https://github.com/delcain/docker-compose-n8n-postgres-redis 

** docker-compose.yaml

services:
  postgres:
    image: postgres:16
    restart: always
    environment:
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      TZ: ${TZ}
    volumes:
      - postgres_data:/var/lib/postgresql/data

  redis:
    image: redis:7-alpine
    restart: always
    volumes:
      - redis_data:/data

  editor:
    image: n8nio/n8n:latest
    restart: always
    environment:
      - TZ=${TZ}
      - EXECUTIONS_MODE=queue
      - QUEUE_BULL_REDIS_HOST=redis
      - QUEUE_BULL_REDIS_PORT=6379
      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=postgres
      - DB_POSTGRESDB_DATABASE=${POSTGRES_DB}
      - DB_POSTGRESDB_USER=${POSTGRES_USER}
      - DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD}
      - N8N_RUNNERS_ENABLED=true
      - OFFLOAD_MANUAL_EXECUTIONS_TO_WORKERS=true
      - N8N_EXPRESS_TRUST_PROXY=true
      - N8N_HOST=${N8N_HOST}
      - N8N_PROTOCOL=https
      - WEBHOOK_URL=${WEBHOOK_URL}
      - N8N_BASIC_AUTH_ACTIVE=${N8N_BASIC_AUTH_ACTIVE}
      - N8N_BASIC_AUTH_USER=${N8N_BASIC_AUTH_USER}
      - N8N_BASIC_AUTH_PASSWORD=${N8N_BASIC_AUTH_PASSWORD}
      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
    volumes:
      - n8n_data:/home/node/.n8n
    depends_on:
      - postgres
      - redis
    ports:
      - "5678:5678"

  webhook:
    image: n8nio/n8n:latest
    restart: always
    command: webhook
    environment:
      - TZ=${TZ}
      - EXECUTIONS_MODE=queue
      - QUEUE_BULL_REDIS_HOST=redis
      - QUEUE_BULL_REDIS_PORT=6379
      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=postgres
      - DB_POSTGRESDB_DATABASE=${POSTGRES_DB}
      - DB_POSTGRESDB_USER=${POSTGRES_USER}
      - DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD}
      - N8N_RUNNERS_ENABLED=true
      - OFFLOAD_MANUAL_EXECUTIONS_TO_WORKERS=true
      - N8N_EXPRESS_TRUST_PROXY=true
      - N8N_HOST=${N8N_HOST}
      - N8N_PROTOCOL=https
      - WEBHOOK_URL=${WEBHOOK_URL}
      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
    depends_on:
      - postgres
      - redis
    ports:
      - "5679:5678"

  worker:
    image: n8nio/n8n:latest
    restart: always
    command: worker
    environment:
      - TZ=${TZ}
      - EXECUTIONS_MODE=queue
      - QUEUE_BULL_REDIS_HOST=redis
      - QUEUE_BULL_REDIS_PORT=6379
      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=postgres
      - DB_POSTGRESDB_DATABASE=${POSTGRES_DB}
      - DB_POSTGRESDB_USER=${POSTGRES_USER}
      - DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD}
      - N8N_RUNNERS_ENABLED=true
      - OFFLOAD_MANUAL_EXECUTIONS_TO_WORKERS=true
      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
    depends_on:
      - postgres
      - redis

volumes:
  postgres_data:
  redis_data:
  n8n_data:

** .env

# Geral
TZ=America/Sao_Paulo

# Domínio
N8N_HOST=n8n.minhaempresa.com.br
N8N_PROTOCOL=https
N8N_PORT=5678
WEBHOOK_URL=https://webhook.minhaempresa.com.br/

# Segurança
N8N_BASIC_AUTH_ACTIVE=true
N8N_BASIC_AUTH_USER=admin
N8N_BASIC_AUTH_PASSWORD=mypassword

# Banco
POSTGRES_DB=n8n
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres

# Redis
REDIS_HOST=redis
REDIS_PORT=6379

# n8n
N8N_ENCRYPTION_KEY=generate new key
QUEUE_BULL_REDIS_DB=0
EXECUTIONS_MODE=queue

# Certbot
CERTBOT_EMAIL=contato@minhaempresa.com.br

** nginx-n8n.conf

server {
    server_name n8n.minhaempresa.com.br;

    set $upstream 127.0.0.1:5678;

    underscores_in_headers on;

    # Permite validação SSL (Let's Encrypt)
    location /.well-known/acme-challenge/ {
        alias /var/www/ssl-proof/nginx/.well-known/acme-challenge/;
    }

    location / {
        proxy_pass http://$upstream;
        proxy_http_version 1.1;
        proxy_buffering off;
        client_max_body_size 0;
        proxy_read_timeout 36000s;
        proxy_redirect off;

        # Headers essenciais
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;

        # Upgrade para WebSocket (importante para editor do n8n)
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # Preserva header de autenticação
        proxy_pass_header Authorization;
    }

}

** nginx-webhook.conf

server {
    server_name webhook.minhaempresa.com.br;

    set $upstream 127.0.0.1:5679;

    underscores_in_headers on;

    # Permite validação SSL (Let's Encrypt)
    location /.well-known/acme-challenge/ {
        alias /var/www/ssl-proof/nginx/.well-known/acme-challenge/;
    }

    location / {
        proxy_pass http://$upstream;
        proxy_http_version 1.1;
        proxy_buffering off;
        client_max_body_size 0;
        proxy_read_timeout 36000s;
        proxy_redirect off;

        # Headers essenciais
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;

        # Upgrade para WebSocket (importante para editor do n8n)
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # Preserva header de autenticação
        proxy_pass_header Authorization;
    }
}