n8n is a workflow automation platform that lets you connect APIs, services, and internal tools into automated pipelines — similar to Zapier or Make, but with one critical difference: you can self-host it. Self-hosting means your workflow data, API credentials, and execution logs never leave your server. No vendor lock-in, no per-execution pricing, and no third-party access to your business logic.
Coolify makes deploying n8n remarkably straightforward. Instead of manually writing Docker Compose files, configuring reverse proxies, and wiring up SSL certificates, Coolify handles all of that through its service catalog. This guide walks through the entire process: from provisioning a VPS to having a production-ready n8n instance with PostgreSQL, persistent storage, and automatic HTTPS.
If you have not installed Coolify yet, start with our Coolify installation guide first, then return here.
1. What Is n8n and Why Self-Host It?
n8n (pronounced "n-eight-n") is a source-available workflow automation tool. It provides a visual editor where you build workflows by connecting nodes — each node represents an action like sending an HTTP request, querying a database, transforming data, or triggering a webhook. Workflows can be triggered on a schedule, by webhooks, or manually.
The cloud-hosted version of n8n charges based on workflow executions. For teams running hundreds or thousands of automations daily, costs add up quickly. Self-hosting eliminates per-execution fees entirely — you pay only for the server resources.
Beyond cost, self-hosting gives you:
- Data sovereignty — Workflow data, credentials, and execution logs stay on infrastructure you control. Critical for GDPR compliance and handling sensitive API keys.
- No execution limits — Run as many workflows as your server can handle. No throttling, no tier restrictions.
- Custom nodes and integrations — Install community nodes or build your own without restrictions.
- Network locality — If your workflows interact heavily with other services on the same network (databases, internal APIs), self-hosting on the same VPS or data center eliminates latency.
- Full control over updates — Choose when to upgrade. Test new versions in staging before production.
2. Prerequisites
Before starting, ensure you have the following:
Server Requirements
- VPS with 2+ vCPUs and 4GB+ RAM — n8n itself is lightweight, but Coolify, PostgreSQL, and the reverse proxy share the same server. 4GB is the minimum for a comfortable experience; 8GB is recommended for production workloads with concurrent workflow executions.
- 40GB+ SSD storage — Docker images, database files, and execution logs consume disk space over time. Start with at least 40GB and monitor usage.
- Ubuntu 22.04 or 24.04 LTS — Coolify officially supports Ubuntu. Debian 12 also works but Ubuntu is the most tested path.
Networking Requirements
- A domain or subdomain — Something like
n8n.yourdomain.compointed to your server's IP address via an A record. Required for SSL and webhook URLs. - Ports 80 and 443 open — For HTTP/HTTPS traffic. Coolify's reverse proxy (Traefik) listens on these ports.
- Port 8000 open — For Coolify's dashboard (only during initial setup; you can restrict it after).
Coolify Installed and Running
This guide assumes Coolify is already installed on your server. If not, follow our step-by-step Coolify installation guide. You should be able to access the Coolify dashboard at http://your-server-ip:8000 before proceeding.
3. Deploying n8n Through Coolify's Service Catalog
Coolify includes n8n in its one-click service catalog. This is the fastest path to deployment because it pre-configures the Docker image, networking, and basic environment variables.
Step 1: Create a New Project
In the Coolify dashboard, navigate to Projects and click + Add. Name it something descriptive like "Automation" or "n8n Production". Projects in Coolify are organizational containers — they group related services and their environment variables.
Step 2: Add a New Service
Inside your project, click + New Resource and select Service. You will see Coolify's service catalog. Search for n8n and select it.
Coolify will generate a Docker Compose configuration for n8n with sensible defaults. Before deploying, we need to configure several things.
Step 3: Set Your Domain
In the service configuration, find the Domains field and enter your subdomain:
n8n.yourdomain.comMake sure your DNS A record for this subdomain points to your server's IP address. Coolify will automatically configure Traefik to route traffic from this domain to your n8n container.
4. Configuring PostgreSQL as the Database Backend
By default, n8n uses SQLite as its database. SQLite works for testing and light usage, but it has significant limitations for production:
- Single-writer lock — Only one process can write at a time. Under heavy workflow execution, this creates bottlenecks.
- No concurrent access — If you scale to multiple n8n workers later, SQLite cannot handle it.
- Limited backup options — Database-level backups are harder to manage with SQLite compared to PostgreSQL's built-in tools.
- No point-in-time recovery — PostgreSQL supports WAL archiving for precise recovery; SQLite does not.
Coolify's n8n service template typically includes a PostgreSQL container. If it does not, you can add one manually.
Adding PostgreSQL to Your Service
If the service template already includes PostgreSQL, verify the connection settings. If you need to add it manually, create a new PostgreSQL service in the same project and note the connection details.
The key environment variables for connecting n8n to PostgreSQL are:
DB_TYPE=postgresdb
DB_POSTGRESDB_HOST=your-postgres-service-name
DB_POSTGRESDB_PORT=5432
DB_POSTGRESDB_DATABASE=n8n
DB_POSTGRESDB_USER=n8n
DB_POSTGRESDB_PASSWORD=your-secure-password-hereImportant: Use a strong, randomly generated password for the database. A 32-character alphanumeric string is a good minimum. Never reuse passwords across services.
Verifying the Database Connection
After deploying, check the n8n container logs in Coolify's dashboard. Look for a message confirming the PostgreSQL connection. If you see SQLite-related messages instead, the environment variables are not being picked up correctly — double-check the variable names and restart the service.
5. Setting Up Persistent Volumes
Docker containers are ephemeral by default. Without persistent volumes, every redeployment or container restart would wipe your n8n data — workflows, credentials, execution history, all gone.
Coolify handles volume configuration through its service settings. For n8n, you need persistent storage for two directories:
n8n Data Directory
/home/node/.n8nThis directory contains n8n's configuration files, encryption keys, and any custom nodes you install. The encryption key stored here is critical — if you lose it, all stored credentials in n8n become unrecoverable.
PostgreSQL Data Directory
/var/lib/postgresql/dataThis is where PostgreSQL stores all database files. Without persistence, you would lose every workflow definition and execution record on container restart.
Configuring Volumes in Coolify
In the service configuration panel, navigate to the Storages tab. Coolify pre-configures volumes for most one-click services, but verify the following mappings exist:
# n8n data volume
n8n-data:/home/node/.n8n
# PostgreSQL data volume
postgres-data:/var/lib/postgresql/dataIf these are not present, add them manually. Coolify will create named Docker volumes on the host system, typically stored under /var/lib/docker/volumes/.
Backup note: Include these volume paths in your backup strategy. Losing the n8n data directory means losing the encryption key, which renders all stored credentials unusable. Losing the PostgreSQL data means losing all workflows and execution history.
6. Configuring Environment Variables
n8n uses environment variables for all configuration. Coolify lets you set these through the service's Environment Variables tab. Here are the essential variables for a production deployment:
Core Configuration
# The publicly accessible URL for your n8n instance
N8N_HOST=n8n.yourdomain.com
N8N_PORT=5678
N8N_PROTOCOL=https
# Webhook URL (must match your public domain)
WEBHOOK_URL=https://n8n.yourdomain.com/
# Set the timezone for scheduled workflows
GENERIC_TIMEZONE=UTC
# Encryption key for stored credentials (auto-generated on first run)
# Back this up! Without it, credentials cannot be decrypted
N8N_ENCRYPTION_KEY=your-random-encryption-keySecurity Variables
# Disable public registration after creating your admin account
N8N_USER_MANAGEMENT_DISABLED=false
# Basic auth (alternative to user management)
# N8N_BASIC_AUTH_ACTIVE=true
# N8N_BASIC_AUTH_USER=admin
# N8N_BASIC_AUTH_PASSWORD=your-secure-passwordExecution Settings
# Save execution data for debugging
EXECUTIONS_DATA_SAVE_ON_ERROR=all
EXECUTIONS_DATA_SAVE_ON_SUCCESS=all
# Prune old executions to prevent database bloat
EXECUTIONS_DATA_PRUNE=true
EXECUTIONS_DATA_MAX_AGE=168 # Hours (7 days)The WEBHOOK_URL variable is particularly important. If this is not set correctly, webhook-triggered workflows will fail because n8n will generate callback URLs using the wrong hostname. Make sure it matches your configured domain exactly, including the https:// prefix.
Critical: The
N8N_ENCRYPTION_KEYis generated automatically on first startup and stored in the/home/node/.n8ndirectory. If you ever need to migrate n8n to a different server, you must bring this key with you. Without it, all stored credentials (API keys, OAuth tokens, database passwords) are permanently lost.
7. Setting Up SSL with Coolify's Built-In Let's Encrypt
SSL is non-negotiable for a production n8n instance. Without HTTPS, every login credential, API key, and webhook payload travels over the network in plain text. Coolify integrates Let's Encrypt for automatic, free SSL certificates.
Enabling SSL
In your n8n service configuration, Coolify automatically provisions SSL when you:
- Set a domain in the Domains field (e.g.,
n8n.yourdomain.com) - Ensure the domain's DNS A record points to your server's public IP
- Have ports 80 and 443 open on your server's firewall
Coolify's Traefik proxy handles the Let's Encrypt ACME challenge automatically. Once deployed, your n8n instance will be accessible at https://n8n.yourdomain.com with a valid SSL certificate that auto-renews before expiration.
Verifying SSL
After deployment, verify your SSL configuration:
# Check SSL certificate details
curl -vI https://n8n.yourdomain.com 2>&1 | grep -E "subject:|expire date:|issuer:"
# Verify HTTP to HTTPS redirect
curl -I http://n8n.yourdomain.comThe second command should return a 301 or 308 redirect to the HTTPS version. If it does not, check Coolify's Traefik configuration for force-HTTPS settings.
For a deeper dive into server-level security beyond SSL, including firewall rules, SSH hardening, and Docker isolation, see our Coolify security hardening guide.
8. Resource Recommendations for Different Workload Sizes
n8n's resource consumption scales with the number and complexity of workflows, how often they execute, and how much data each execution processes. Here are tested recommendations:
| Workload | vCPU | RAM | SSD | Use Case |
|---|---|---|---|---|
| Light | 2 cores | 4 GB | 40 GB | 10–20 workflows, few daily executions, personal projects |
| Medium | 4 cores | 8 GB | 80 GB | 50–100 workflows, webhook-heavy, small team |
| Heavy | 6 cores | 16 GB | 160 GB | 200+ workflows, high-frequency triggers, data-intensive processing |
| Enterprise | 8+ cores | 32 GB | 320 GB | Multi-user, queue mode with workers, mission-critical automations |
For light and medium workloads, a Cloud VPS provides the best cost-to-performance ratio. For heavy and enterprise workloads where you need guaranteed CPU resources without noisy-neighbor effects, a Dedicated VPS is the better choice because you get dedicated physical CPU cores rather than shared virtual cores.
Monitoring Resource Usage
After deployment, monitor your server's resource consumption to validate your sizing:
# Check current memory and CPU usage
htop
# Monitor Docker container resource usage
docker stats
# Check disk usage
df -h /var/lib/dockerIf n8n's memory usage consistently exceeds 70% of available RAM, or CPU regularly spikes above 80% during workflow executions, it is time to scale up. With MassiveGRID's VPS plans, you can upgrade CPU and RAM without migrating to a new server.
9. Post-Deployment Checklist
Once n8n is running, walk through this checklist to confirm everything is production-ready:
- Access n8n at your domain — Open
https://n8n.yourdomain.comand confirm the setup wizard appears. Create your admin account. - Verify PostgreSQL is active — Check the n8n logs for
Database type: postgresdb. If you seesqlite, revisit section 4. - Test webhook connectivity — Create a simple webhook workflow and trigger it from an external source (or use
curl). Confirm the webhook URL uses your configured domain. - Confirm persistent storage — Restart the n8n service from Coolify's dashboard. After restart, verify your workflows and credentials are still intact.
- Verify SSL — Check for the padlock icon in your browser. Test with
curl -vI https://n8n.yourdomain.com. - Back up the encryption key — Copy the
N8N_ENCRYPTION_KEYvalue to a secure, offline location. This is your disaster recovery lifeline. - Disable public registration — After creating your admin account, ensure
N8N_USER_MANAGEMENT_DISABLEDdoes not allow open signups in production. - Set up execution pruning — Confirm
EXECUTIONS_DATA_PRUNE=trueis set to prevent unbounded database growth.
10. Troubleshooting Common Issues
n8n Shows "Bad Gateway" or Connection Refused
This usually means n8n has not finished starting up, or the container crashed during initialization. Check the container logs in Coolify's dashboard. Common causes:
- PostgreSQL is not ready when n8n tries to connect. Add a restart policy or a health check dependency.
- Port conflict — Another service is already using port 5678 inside the Docker network.
- Insufficient memory — n8n needs at least 512MB of free RAM to start. If the server is already under memory pressure, the container will be OOM-killed.
Webhooks Return Wrong URL
If webhook test URLs show http://localhost:5678 instead of your public domain, the WEBHOOK_URL environment variable is not set or not applied. Update it in Coolify and redeploy the service.
Credentials Lost After Redeployment
This means the persistent volume for /home/node/.n8n is not configured correctly, or the N8N_ENCRYPTION_KEY changed between deployments. Verify volume mappings in the Storages tab and ensure the encryption key is set as an environment variable (not auto-generated on each restart).
Database Connection Errors
If n8n cannot connect to PostgreSQL, verify:
- The PostgreSQL container is running (
docker ps) - The
DB_POSTGRESDB_HOSTmatches the PostgreSQL service name in Coolify's Docker network - The database
n8nexists (Coolify usually creates it automatically) - Credentials match between n8n's environment variables and PostgreSQL's configuration
MassiveGRID Hosting for n8n
- Cloud VPS — Starting at $1.99/mo. Ideal for light-to-medium n8n workloads with scalable resources.
- Dedicated VPS — Starting at $4.99/mo. Dedicated CPU cores for heavy workflow execution without noisy-neighbor effects.
- Managed n8n Hosting — Fully managed n8n with automatic updates, backups, and monitoring. Zero server administration.
Your n8n Instance Is Ready
You now have a self-hosted n8n instance running on Coolify with PostgreSQL as the database backend, persistent storage for data durability, environment variables configured for production use, and automatic SSL via Let's Encrypt. This setup gives you full control over your workflow automation infrastructure at a fraction of the cost of cloud-hosted alternatives.
The key things to maintain going forward: keep your N8N_ENCRYPTION_KEY backed up, monitor resource usage as your workflow count grows, prune old execution data to keep the database lean, and keep n8n updated through Coolify's service management interface.
For securing your Coolify server at the OS level — SSH hardening, firewall rules, Docker isolation, and DDoS protection — follow our Coolify security hardening checklist. And if you want a managed experience where MassiveGRID handles the server, updates, and monitoring for you, check out our managed n8n hosting offering.