How to Self-Host n8n in 2026: Complete Step-by-Step Guide
Self-hosting n8n gives you unlimited workflow executions for free. This guide walks you through a production-ready Docker setup with SSL, PostgreSQL, automated backups, and security hardening — all for under $10/month.
Self-hosting n8n gives you unlimited workflow executions for free — while Zapier charges $29.99/month for just 750 tasks and n8n Cloud starts at €24/month for 2,500 executions. If you're comfortable with a terminal, self-hosting is the most cost-effective way to automate your business.
I've been running a self-hosted n8n instance on a VPS for months, powering automated social media posting, content pipelines, and data processing workflows. Total monthly cost: under $10. This guide walks you through the exact same setup, step by step.
By the end of this tutorial, you'll have a production-ready n8n instance running on your own server with SSL encryption, automatic backups, and secure access — all for less than the price of a coffee.
New to workflow automation? Read our n8n vs Zapier vs Make comparison first to understand why n8n is the best choice for technical users.
Why Self-Host n8n?
Before diving into the setup, let's understand why self-hosting is worth the effort.
Self-Hosted vs Cloud: Cost Comparison
| Feature | n8n Self-Hosted | n8n Cloud (Pro) | Zapier (Professional) |
|---|---|---|---|
| Monthly cost | $5–20 (VPS only) | €60/mo ($65) | $29.99/mo |
| Executions included | Unlimited | 10,000 | 750 tasks |
| Workflows | Unlimited | Unlimited | Unlimited |
| Users | Unlimited | Unlimited | 1 |
| Data location | Your server | EU (Germany) | US/EU |
| Custom code | ✅ Full access | ✅ | ❌ Limited |
| Source code access | ✅ Open source | ❌ | ❌ |
| Annual cost | $60–240 | $780 | $360 |
The math is clear: A self-hosted n8n instance costs $60–240/year for unlimited everything, while n8n Cloud costs $780/year for 10,000 executions and Zapier costs $360/year for just 750 tasks.
Key Benefits of Self-Hosting
- Zero execution limits — run thousands of workflows daily without worrying about billing
- Complete data privacy — your workflow data, credentials, and execution logs never leave your server
- Full customization — modify environment variables, add custom nodes, write JavaScript/Python
- GDPR/HIPAA compliance — no third-party data processing means easier regulatory compliance
- No vendor lock-in — if n8n changes their pricing or licensing, your self-hosted instance keeps running
- Custom integrations — install npm packages, connect to local databases, use SSH tunnels
Prerequisites: What You Need
Before we start, make sure you have the following:
| Requirement | Details | Estimated Cost |
|---|---|---|
| VPS server | Ubuntu 22.04+, minimum 2GB RAM, 2 vCPUs, 20GB SSD | $5–20/month |
| Domain name | A domain or subdomain pointed at your server | $10–15/year |
| SSH access | Terminal access to your server | Included with VPS |
| Basic terminal knowledge | Comfortable running commands in a Linux terminal | Free |
Recommended VPS Providers
| Provider | Cheapest Plan | RAM | CPU | Storage | Price |
|---|---|---|---|---|---|
| Hetzner | CX22 | 4GB | 2 vCPUs | 40GB NVMe | €4.35/mo |
| Hostinger | KVM 2 | 8GB | 2 vCPUs | 100GB NVMe | ~$5.99/mo |
| DigitalOcean | Basic | 2GB | 1 vCPU | 50GB SSD | $12/mo |
| Contabo | Cloud VPS S | 8GB | 4 vCPUs | 200GB SSD | €6.99/mo |
My recommendation: Hetzner or Hostinger offer the best price-to-performance ratio for n8n. A 4GB RAM server handles most n8n workloads comfortably — I run 15+ automated workflows on my Hostinger VPS without issues.
Step 1: Initial Server Setup
SSH into your server and update the system:
ssh root@your-server-ip
apt update && apt upgrade -y
Install Docker and Docker Compose
Docker is the recommended way to run n8n. Starting with Docker v20.10.0, Docker Compose is included as a plugin.
# Install Docker
curl -fsSL https://get.docker.com | sh
# Verify installation
docker --version
docker compose version
You should see version numbers for both. If Docker Compose isn't available, install it separately:
apt install docker-compose-plugin -y
Create the n8n Directory
mkdir -p /docker/n8n
cd /docker/n8n
Step 2: Configure DNS
Point your domain (or subdomain) to your server's IP address.
In your DNS provider's dashboard, add an A record:
| Record Type | Name | Value | TTL |
|---|---|---|---|
| A | n8n (or @ for root domain) |
Your server's IP address | 3600 |
For example, if your domain is example.com and your server IP is 123.45.67.89:
n8n.example.com→123.45.67.89
DNS propagation typically takes 5–30 minutes. You can check with:
dig n8n.example.com +short
Step 3: Create the Docker Compose Configuration
This is the core of your setup. We'll create a production-ready configuration with:
- n8n (the automation platform)
- Traefik (reverse proxy with automatic SSL)
- PostgreSQL (production database — more reliable than SQLite)
Create the Environment File
nano /docker/n8n/.env
Paste the following, replacing the placeholder values with your own:
# Domain configuration
N8N_HOST=n8n.example.com
N8N_PROTOCOL=https
WEBHOOK_URL=https://n8n.example.com/
# Security
N8N_ENCRYPTION_KEY=your-random-32-char-encryption-key
# Database
POSTGRES_USER=n8n
POSTGRES_PASSWORD=your-secure-database-password
POSTGRES_DB=n8n
# Timezone
GENERIC_TIMEZONE=Europe/Budapest
TZ=Europe/Budapest
# SSL certificate email (Let's Encrypt)
SSL_EMAIL=your-email@example.com
Security tip: Generate a random encryption key with: openssl rand -hex 16Create the Docker Compose File
nano /docker/n8n/docker-compose.yml
Paste this production-ready configuration:
services:
traefik:
image: traefik:v3.0
restart: unless-stopped
command:
- "--api=false"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=${SSL_EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
ports:
- "80:80"
- "443:443"
volumes:
- traefik-data:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
n8n:
image: docker.n8n.io/n8nio/n8n
restart: unless-stopped
labels:
- traefik.enable=true
- traefik.http.routers.n8n.rule=Host(`${N8N_HOST}`)
- traefik.http.routers.n8n.entrypoints=websecure
- traefik.http.routers.n8n.tls.certresolver=letsencrypt
- traefik.http.services.n8n.loadbalancer.server.port=5678
environment:
- N8N_HOST=${N8N_HOST}
- N8N_PORT=5678
- N8N_PROTOCOL=${N8N_PROTOCOL}
- NODE_ENV=production
- WEBHOOK_URL=${WEBHOOK_URL}
- N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
- GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
- TZ=${TZ}
- DB_TYPE=postgresdb
- DB_POSTGRESDB_HOST=postgres
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_DATABASE=${POSTGRES_DB}
- DB_POSTGRESDB_USER=${POSTGRES_USER}
- DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD}
volumes:
- n8n-data:/home/node/.n8n
- n8n-files:/files
depends_on:
postgres:
condition: service_healthy
postgres:
image: postgres:16-alpine
restart: unless-stopped
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
volumes:
- postgres-data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -h localhost -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
interval: 10s
timeout: 5s
retries: 5
volumes:
traefik-data:
n8n-data:
n8n-files:
postgres-data:
What This Configuration Does
| Component | Purpose |
|---|---|
| Traefik | Reverse proxy — handles SSL certificates automatically via Let's Encrypt, redirects HTTP → HTTPS |
| n8n | The automation platform — connected to PostgreSQL, configured with your domain and timezone |
| PostgreSQL 16 | Production database — more reliable than SQLite for concurrent workflows, better crash recovery |
| Docker volumes | Persistent storage — your data survives container restarts and updates |
Step 4: Launch n8n
Start the containers:
cd /docker/n8n
docker compose up -d
Docker will pull the images (1–2 minutes on first run) and start the containers. Check the status:
docker compose ps
You should see all three containers running. Check the logs for any errors:
docker compose logs n8n --tail 50
First Login
Open your browser and navigate to https://n8n.example.com. You'll see the n8n setup wizard:
- Create your admin account (email + password)
- Choose your plan — select "Skip" or "Community" (self-hosted is free)
- You're in! The n8n workflow editor is ready
Troubleshooting: If you see a "connection refused" error, wait 30 seconds and try again — Traefik needs time to obtain the SSL certificate. If the SSL certificate fails, double-check that your DNS A record is pointing to the correct IP.
Step 5: Essential Security Hardening
A production n8n instance needs proper security. Don't skip this section.
Configure Firewall
# Install UFW (Uncomplicated Firewall)
apt install ufw -y
# Allow SSH, HTTP, and HTTPS
ufw allow ssh
ufw allow 80/tcp
ufw allow 443/tcp
# Enable the firewall
ufw enable
# Verify rules
ufw status
Install Fail2ban
Fail2ban blocks IP addresses that show suspicious activity (like brute-force login attempts):
apt install fail2ban -y
systemctl enable fail2ban
systemctl start fail2ban
Set Up Automatic Security Updates
apt install unattended-upgrades -y
dpkg-reconfigure unattended-upgrades
Select "Yes" to enable automatic security updates.
Security Checklist
| Security Measure | Status | Priority |
|---|---|---|
| SSL/HTTPS encryption | ✅ Handled by Traefik | Critical |
| Strong admin password | ⬜ Set during first login | Critical |
| Firewall (UFW) | ⬜ Configure above | Critical |
| Fail2ban | ⬜ Install above | High |
| Automatic security updates | ⬜ Enable above | High |
| SSH key authentication | ⬜ Replace password login | High |
| Docker socket protection | ✅ Read-only mount in compose | Medium |
| N8N_ENCRYPTION_KEY | ✅ Set in .env file | Critical |
Step 6: Set Up Automatic Backups
Losing your workflows and credentials would be devastating. Set up automated daily backups.
Create the Backup Script
nano /docker/n8n/backup.sh
Paste:
#!/bin/bash
BACKUP_DIR="/backups/n8n"
DATE=$(date +%Y-%m-%d_%H-%M)
mkdir -p $BACKUP_DIR
# Backup PostgreSQL database
docker compose -f /docker/n8n/docker-compose.yml exec -T postgres \
pg_dump -U n8n n8n > "$BACKUP_DIR/db_$DATE.sql"
# Backup n8n data volume
docker run --rm \
-v n8n-data:/source:ro \
-v $BACKUP_DIR:/backup \
alpine tar czf "/backup/n8n_data_$DATE.tar.gz" -C /source .
# Delete backups older than 30 days
find $BACKUP_DIR -type f -mtime +30 -delete
echo "Backup completed: $DATE"
Make it executable and schedule it:
chmod +x /docker/n8n/backup.sh
# Run daily at 3 AM
crontab -e
Add this line:
0 3 * * * /docker/n8n/backup.sh >> /var/log/n8n-backup.log 2>&1
Step 7: Update n8n
n8n releases updates almost every week. Here's how to update safely.
Update Process
cd /docker/n8n
# Pull the latest image
docker compose pull n8n
# Restart with the new image
docker compose up -d --no-deps n8n
n8n automatically runs database migrations on startup, so your workflows and data are preserved.
Before major updates: Always export your workflows as a backup first: docker compose exec n8n n8n export:workflow --all --output=/home/node/.n8n/backup.jsonUpdate Schedule Recommendation
| Update Type | Frequency | How |
|---|---|---|
| Security patches | Immediately | docker compose pull && docker compose up -d |
| Minor versions | Every 2–4 weeks | Same as above, check changelog first |
| Major versions | Test in staging first | Read migration guide, backup everything |
Step 8: Optimize Performance
Once your n8n instance is running, these tweaks improve performance for production workloads.
Add Execution Pruning
By default, n8n stores all execution data forever, which fills up your database. Add these environment variables to the n8n service in your docker-compose.yml:
- EXECUTIONS_DATA_PRUNE=true
- EXECUTIONS_DATA_MAX_AGE=168 # Keep 7 days (in hours)
Memory Limits
For shared VPS environments, set memory limits to prevent n8n from consuming all available RAM:
deploy:
resources:
limits:
memory: 2G
Performance Tuning Quick Reference
| Setting | Default | Recommended | Purpose |
|---|---|---|---|
EXECUTIONS_DATA_PRUNE |
false | true | Auto-delete old execution data |
EXECUTIONS_DATA_MAX_AGE |
— | 168 (7 days) | Hours to keep execution data |
N8N_CONCURRENCY_PRODUCTION_LIMIT |
-1 (unlimited) | 20 | Max concurrent workflow executions |
N8N_PAYLOAD_SIZE_MAX |
16 | 64 | Max payload size in MB |
Common Issues and Fixes
Troubleshooting Guide
| Problem | Cause | Fix |
|---|---|---|
| SSL certificate not working | DNS not propagated yet | Wait 5–30 min, verify with dig your-domain +short |
| "502 Bad Gateway" | n8n container not ready | Wait 30 sec, check docker compose logs n8n |
| Database connection failed | PostgreSQL not ready | Check docker compose ps, ensure postgres is "healthy" |
| Webhooks not working | WEBHOOK_URL not set correctly | Verify WEBHOOK_URL in .env matches your domain |
| Permission denied errors | Volume ownership mismatch | Run chown -R 1000:1000 /docker/n8n/n8n_data |
| Out of memory | Large workflows or too many executions | Enable pruning, increase VPS RAM |
| Can't send emails from workflows | No SMTP configured | Add SMTP env variables or use an email node with API |
What to Build First
Now that your n8n instance is running, here are some starter workflows to get immediate value:
Beginner Workflows (Build in 10 minutes)
- RSS feed monitor — check favorite blogs/news sites hourly, get Telegram/Slack notifications for new articles
- Email-to-spreadsheet — automatically log incoming emails to Google Sheets
- Website uptime monitor — ping your sites every 5 minutes, get alerts when they go down
- Daily weather briefing — get a morning Telegram message with the weather forecast for your city
Intermediate Workflows (Build in 30 minutes)
- Social media automation — generate AI content with ChatGPT/Claude and post to multiple platforms on schedule
- Lead enrichment pipeline — when a new form submission arrives, look up the company and add to CRM
- Invoice processing — extract data from email attachments and log to a spreadsheet
- Content repurposing — turn blog posts into social media threads, newsletters, and video scripts
Advanced Workflows (Build in 1–2 hours)
- AI content pipeline — research topics, generate drafts, optimize for SEO, and publish to your CMS automatically
- Multi-platform customer support — monitor email, social media, and chat, route to the right team member
- Automated reporting — pull data from multiple APIs, generate weekly reports, email to stakeholders
Want ready-made templates? We'll cover 7 complete n8n workflow templates (with JSON exports) in an upcoming article. Subscribe to get notified!
Monthly Maintenance Checklist
Running a self-hosted n8n instance requires minimal but consistent maintenance. Here's what to do each month:
| Task | Frequency | Time Required | Command |
|---|---|---|---|
| Update n8n to latest version | Every 2–4 weeks | 2 minutes | docker compose pull && docker compose up -d |
| Check backup integrity | Monthly | 5 minutes | Verify backup files exist in /backups/n8n/ |
| Review execution logs | Weekly | 5 minutes | Check n8n dashboard → Executions |
| Monitor disk space | Monthly | 1 minute | df -h |
| Check Docker logs for errors | Monthly | 5 minutes | docker compose logs --tail 100 |
| Review server security updates | Monthly | 5 minutes | apt update && apt list --upgradable |
Total monthly time investment: approximately 30 minutes. Compare this to the time you'd spend managing Zapier task limits, upgrading plans, or debugging failed tasks due to rate limiting.
Self-Hosted n8n vs n8n Cloud: When to Choose Which
| Consideration | Self-Hosted | n8n Cloud |
|---|---|---|
| You should choose this if... | You have technical skills and want maximum value | You want zero maintenance and quick start |
| Monthly cost | $5–20 | €24–800 |
| Setup time | 30–60 minutes | 5 minutes |
| Maintenance | ~30 min/month | Zero |
| Execution limits | None | 2,500–40,000 |
| Support | Community forum | Email (Business: dedicated) |
| Data location | Anywhere you choose | EU (Germany) |
For a complete comparison of n8n against other platforms, check our n8n vs Zapier vs Make guide.
The Bottom Line
Self-hosting n8n is one of the highest-ROI investments a technical user or small team can make. For less than $10/month, you get:
- ✅ Unlimited workflow executions (no billing surprises)
- ✅ Complete control over your data and infrastructure
- ✅ 400+ integrations with full API access to any service
- ✅ Custom code — JavaScript, Python, npm packages
- ✅ AI capabilities — build agents with OpenAI, Claude, Gemini
The setup takes about 30–60 minutes. The maintenance takes about 30 minutes per month. The savings compared to cloud alternatives add up to hundreds or thousands of dollars per year.
The only question is: what will you automate first?
This guide is regularly updated with the latest n8n version changes. Last updated: March 2026.
Running into issues? Drop us a note and we'll help troubleshoot. Subscribe for more hands-on automation tutorials.
Once your n8n instance is running, here are 10 tasks you can automate right away.
Frequently Asked Questions
Is self-hosted n8n really free?
Yes. The n8n Community Edition is licensed under the Sustainable Use License, which allows free use for internal business purposes. You only pay for your VPS hosting ($5–20/month). There are no execution limits, no workflow limits, and no user limits.
How much RAM does n8n need?
For most use cases, 2GB RAM is sufficient. If you're running complex workflows with large data processing or many concurrent executions, consider 4GB. I run 15+ workflows on a 4GB VPS without issues. The PostgreSQL database adds minimal overhead (~200MB).
Can I run n8n alongside other services on the same VPS?
Absolutely. I run n8n alongside Ghost CMS and other Docker services on a single VPS. Just make sure you have enough RAM (4–8GB recommended for multiple services) and configure your reverse proxy correctly to route traffic to each service.
How do I migrate from n8n Cloud to self-hosted?
- Export your workflows from n8n Cloud (Settings → Export)
- Set up your self-hosted instance following this guide
- Import the workflow JSON files into your new instance
- Reconfigure credentials (API keys, OAuth connections)
- Test each workflow before disabling the cloud version
Is self-hosted n8n secure enough for production?
Yes, if you follow the security steps in this guide (SSL, firewall, fail2ban, strong passwords, encryption key). Many businesses run self-hosted n8n in production. The key is keeping your server updated and following Docker security best practices.
How do I access n8n remotely without exposing it to the internet?
For extra security, you can put n8n behind a VPN like Tailscale or WireGuard. This way, n8n is only accessible from devices connected to your VPN — completely invisible to the public internet. Webhooks still work if you configure a separate public endpoint.
What happens if my server goes down?
If your VPS goes down, n8n stops until the server is back. When it restarts, Docker automatically restarts the containers (thanks to restart: unless-stopped). Scheduled workflows resume from where they left off. Your data is safe in Docker volumes. For critical workflows, consider setting up a monitoring service that alerts you when n8n is unreachable.
SQLite or PostgreSQL — which should I use?
PostgreSQL for any production use. SQLite is fine for local testing, but it becomes a bottleneck with concurrent workflow executions and can corrupt data during unexpected shutdowns. PostgreSQL handles concurrent access better, supports larger datasets, and has more robust crash recovery. This guide uses PostgreSQL by default.
