一键安装脚本
本脚本使用 caddy 进行内网反代,避开了原本 n8n 对 https 的限制。
#!/bin/bash
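echo "=== 开始配置 n8n 与 Caddy 内部反向代理 ==="

# Pre-flight checks. Both confirmations are collected BEFORE anything is
# deleted, so declining the second prompt can no longer leave the user with
# ./data already wiped and nothing regenerated.
wipe_existing=0

# ./data is where this script later copies the n8n state directory; finding it
# means a previous run (or a live installation) already exists here.
if [ -d "data" ]; then
  echo "警告:检测到本地已存在配置"
  # -r keeps backslashes in the reply literal.
  read -r -p "是否清除现有配置并重新初始化?(y/N) " answer
  if [ "$answer" = "y" ] || [ "$answer" = "Y" ]; then
    wipe_existing=1
  else
    echo "保留现有配置,退出脚本"
    exit 0
  fi
fi

# An existing docker-compose.yml is overwritten further down; ask first.
if [ -f "docker-compose.yml" ]; then
  echo "发现现有的 docker-compose.yml"
  read -r -p "是否覆盖现有的 docker-compose.yml?(y/N) " answer
  if [ "$answer" != "y" ] && [ "$answer" != "Y" ]; then
    echo "保留现有 docker-compose.yml,退出脚本"
    exit 0
  fi
fi

if [ "$wipe_existing" -eq 1 ]; then
  echo "清理现有配置..."
  # This removes the n8n state in ./data and the TLS key/certificate under
  # ./caddy_data. Explicit ./ paths plus -- keep the names from ever being
  # parsed as options. Files written by the containers may belong to another
  # uid, so a failed delete is reported instead of being announced as success.
  if ! rm -rf -- ./data ./caddy_data; then
    echo "错误:清理现有配置失败" >&2
    exit 1
  fi
  echo "现有配置已清理"
fi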
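# Ask for the HTTPS port Caddy will listen on (empty reply selects 8443).
# The value is later pasted verbatim into the Caddyfile and docker-compose.yml
# through unquoted here-documents, so it is validated here: anything other
# than a decimal number in 1-65535 would either break those files or inject
# extra configuration into them.
read -r -p "请输入要使用的 HTTPS 端口 (默认: 8443): " HTTPS_PORT
HTTPS_PORT=${HTTPS_PORT:-8443}

# The regex check runs first, so the arithmetic below only ever sees digits.
# 10# forces base 10, otherwise a leading zero would be read as octal.
if ! [[ "$HTTPS_PORT" =~ ^[0-9]{1,5}$ ]] ||
  ((10#$HTTPS_PORT < 1 || 10#$HTTPS_PORT > 65535)); then
  echo "错误:端口必须是 1-65535 之间的整数" >&2
  exit 1
fi
# Normalise away leading zeros before the value is written into config files.
HTTPS_PORT=$((10#$HTTPS_PORT))

# Internal host name used for the certificate and the hosts-file entry.
# It is a fixed constant, not user input.
INTERNAL_DOMAIN="n8n.local"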
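# Start a throw-away n8n container; it exists only so that its default
# /home/node/.n8n directory can be copied out in a later step.
#
# NOTE(review): n8nio/n8n:latest is a mutable tag, so every run may pull a
# different image. For a reproducible and auditable install, pin a specific
# version tag or an image digest (n8nio/n8n@sha256:<digest-placeholder>).
echo -e "\n1. 启动临时容器..."
# docker run fails when the image cannot be pulled or when a container named
# n8n-temp is left over from an aborted run; stop here rather than waiting and
# then copying from a container that is not the one just requested.
if ! docker run -d --name n8n-temp n8nio/n8n:latest; then
  echo "错误:临时容器启动失败" >&2
  exit 1
fi
echo "等待10秒让容器完全初始化..."
sleep 10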
# Create the host-side directory layout in one call:
#   data                      - receives the n8n state copied from the container
#   caddy_data/caddy_config   - holds the generated Caddyfile
#   caddy_data/caddy_data     - Caddy's /data volume
#   caddy_data/certs          - self-signed certificate and its private key
# Directories are created with the caller's umask; data and caddy_data/certs
# end up holding sensitive material, so review their permissions on shared hosts.
echo -e "\n2. 创建本地配置目录..."
mkdir -p \
  data \
  caddy_data/caddy_config \
  caddy_data/caddy_data \
  caddy_data/certs
echo "目录创建完成"
# Copy the initialised n8n state out of the temporary container into ./data.
# The trailing "/." copies the directory's contents rather than the directory.
echo -e "\n3. 从运行中的容器复制配置..."
if ! docker cp n8n-temp:/home/node/.n8n/. ./data/; then
  # Copy failed: remove the temporary container anyway so it does not linger.
  echo "错误:数据目录复制失败"
  docker rm -f n8n-temp
  exit 1
fi
echo "数据目录复制成功"

# The temporary container has served its purpose; force-remove it.
echo -e "\n4. 清理临时容器..."
docker rm -f n8n-temp
echo "临时容器已清理"
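echo -e "\n5. 创建 Caddy 配置文件..."
# NOTE(review): nothing else in this script writes to or imports Caddyfile.d.
mkdir -p caddy_data/caddy_config/Caddyfile.d

# Generate a self-signed certificate for the reverse proxy.
#   -nodes      the private key is written unencrypted, so file permissions
#               are the only thing protecting it
#   -days 3650  ten-year validity with no rotation; shorten if the host is shared
#   -addext     needs OpenSSL 1.1.1 or newer
# The SAN list now includes DNS:localhost, because this script tells the user
# to open https://localhost:<port> and sets WEBHOOK_URL to that same host;
# without it the certificate never matches that name, even once trusted.
echo -e "\n5.1 生成自签名证书..."
if ! (
  # Owner-only umask inside a subshell: the key is never world-readable, not
  # even briefly, and the rest of the script keeps its normal umask.
  umask 077
  openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
    -keyout caddy_data/certs/n8n.key \
    -out caddy_data/certs/n8n.crt \
    -subj "/CN=${INTERNAL_DOMAIN}" \
    -addext "subjectAltName = DNS:${INTERNAL_DOMAIN},DNS:localhost,IP:127.0.0.1"
); then
  # Previously a failed openssl run was still reported as success and Caddy
  # would later fail to start on the missing files.
  echo "错误:证书生成失败" >&2
  exit 1
fi
# Explicit modes also tighten a key left over from an earlier run.
# NOTE(review): assumes the Caddy container runs as a user that can read an
# owner-only file from this bind mount - confirm if user-namespace remapping
# is in use.
chmod 600 caddy_data/certs/n8n.key
chmod 644 caddy_data/certs/n8n.crt
echo "证书生成完成"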
# Write the Caddyfile. The here-document delimiter is unquoted, so
# ${HTTPS_PORT} is expanded by the shell at generation time and the file ends
# up with a literal port number.
#
# What the generated configuration does:
#   - serves one site on the chosen port using the certificate and key that
#     docker-compose.yml mounts read-only at /etc/caddy/certs
#   - forwards requests to n8n-app:5678; no scheme is given, so that hop is
#     plain HTTP between the two containers
#   - writes an access log to /data/access.log, which is
#     ./caddy_data/caddy_data on the host; the file has no size or rotation
#     settings here and will contain requested URLs, so treat it as sensitive
#
# NOTE(review): the comment inside the global options block says ACME is
# disabled, but "auto_https disable_redirects" only turns off the automatic
# HTTP->HTTPS redirect; "auto_https off" is the option that disables automatic
# certificate management. With a port-only site address and an explicit tls
# certificate Caddy presumably has nothing to request anyway - confirm, and
# correct either the option or the comment.
cat > caddy_data/caddy_config/Caddyfile <<EOL
{
# 禁用 ACME 以使用本地证书
auto_https disable_redirects
}
:${HTTPS_PORT} {
tls /etc/caddy/certs/n8n.crt /etc/caddy/certs/n8n.key
reverse_proxy n8n-app:5678
log {
output file /data/access.log
}
encode gzip
}
EOL
echo "Caddy 配置创建完成"
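# Generate docker-compose.yml. The YAML nesting is restored here: written
# flat, with every key at column 0, the file cannot be parsed as a service
# definition. The delimiter is unquoted, so ${HTTPS_PORT} and
# ${INTERNAL_DOMAIN} are expanded by the shell now and the file contains
# literal values.
#
# Points to review before deploying:
#   - Both images use the mutable :latest tag; pin a version tag or digest for
#     reproducible, auditable deployments.
#   - "PORT:PORT" publishes Caddy on every host interface. Prefix the mapping
#     with 127.0.0.1: if only the local machine should reach n8n.
#   - n8n itself is only exposed inside n8n-network (expose, not ports), so it
#     is reachable solely through Caddy.
#   - NOTE(review): confirm that N8N_TRUSTED_PROXY_ADDRESSES is honoured by the
#     n8n version in use; n8n's documented reverse-proxy setting is
#     N8N_PROXY_HOPS.
#   - ./data is bind-mounted as n8n's state directory; keep it out of backups
#     and repositories that others can read.
echo -e "\n6. 创建 docker-compose.yml..."
cat > docker-compose.yml <<EOL
version: "3"
services:
  n8n-app:
    image: n8nio/n8n:latest
    container_name: n8n-app
    restart: unless-stopped
    expose:
      - 5678
    volumes:
      - ./data:/home/node/.n8n
    environment:
      - TZ=Asia/Shanghai
      - GENERIC_TIMEZONE=Asia/Shanghai
      - N8N_PORT=5678
      - N8N_PROTOCOL=https
      - N8N_HOST=localhost
      - NODE_ENV=production
      - WEBHOOK_URL=https://localhost:${HTTPS_PORT}/
      - N8N_TRUSTED_PROXY_ADDRESSES=caddy-service
    dns:
      - 8.8.8.8
      - 223.5.5.5
    networks:
      - n8n-network
    extra_hosts:
      - "${INTERNAL_DOMAIN}:127.0.0.1"
  caddy-service:
    image: caddy:latest
    container_name: caddy-service
    restart: unless-stopped
    ports:
      - "${HTTPS_PORT}:${HTTPS_PORT}"
    volumes:
      - ./caddy_data/caddy_config:/etc/caddy
      - ./caddy_data/caddy_data:/data
      - ./caddy_data/certs:/etc/caddy/certs:ro
    networks:
      - n8n-network
    extra_hosts:
      - "${INTERNAL_DOMAIN}:127.0.0.1"
networks:
  n8n-network:
    driver: bridge
EOL
echo "配置文件创建完成"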
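# Generate update_hosts.sh, a helper that adds the internal domain to
# /etc/hosts. The delimiter is unquoted, so ${INTERNAL_DOMAIN} is expanded now
# and the helper contains the literal host name.
#
# Changes compared with the earlier generated helper:
#   - grep -F matches the name as a fixed string; as a regex the dots would
#     match any character and unrelated entries could be taken for ours.
#   - The helper reports success only when the sudo/tee write succeeded.
#
# NOTE(review): INTERNAL_DOMAIN is a constant today. If it ever becomes user
# input, validate it before this point - it is written into a script that
# calls sudo.
echo -e "\n7. 创建 hosts 文件更新脚本..."
cat > update_hosts.sh <<EOL
#!/bin/bash
# 检查 /etc/hosts 文件中是否已存在条目
if grep -qF -- "${INTERNAL_DOMAIN}" /etc/hosts; then
  echo "${INTERNAL_DOMAIN} 已在 hosts 文件中"
else
  echo "添加 ${INTERNAL_DOMAIN} 到 hosts 文件..."
  if echo "127.0.0.1 ${INTERNAL_DOMAIN}" | sudo tee -a /etc/hosts; then
    echo "hosts 文件已更新"
  else
    echo "错误:无法写入 /etc/hosts" >&2
    exit 1
  fi
fi
EOL
chmod +x update_hosts.sh
echo "hosts 更新脚本创建完成"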
# Final summary: next steps for the operator, followed by two caveats (the
# self-signed certificate triggers a browser warning, and WEBHOOK_URL may need
# adjusting if webhooks are not reachable).
printf '\n%s\n' "=== 配置完成! ==="
printf '%s\n' \
  "你可以:" \
  "1. 运行 './update_hosts.sh' 更新本地 hosts 文件 (需要 sudo 权限)" \
  "2. 编辑 ./data 目录下的配置文件" \
  "3. 编辑 docker-compose.yml 修改设置" \
  "4. 使用 'docker compose up -d' 启动服务" \
  "5. 访问 https://localhost:${HTTPS_PORT} 或 https://${INTERNAL_DOMAIN}:${HTTPS_PORT} 开始使用 n8n"
printf '\n%s\n' "注意:"
printf '%s\n' \
  "- 由于使用自签名证书,浏览器会显示安全警告,需要手动确认信任证书" \
  "- 如果访问 webhook 出现问题,可能需要调整 WEBHOOK_URL 环境变量"
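# Offer to bring the stack up right away. Only an explicit y/Y starts it;
# any other reply (including none) leaves the generated files for later use.
read -r -p "是否立即启动服务?(y/N) " answer
if [ "$answer" = "y" ] || [ "$answer" = "Y" ]; then
  echo "启动 n8n 和 Caddy..."
  # Report success only when compose actually succeeded; a failed pull, a port
  # already in use or an invalid compose file is surfaced as an error.
  if docker compose up -d; then
    echo "服务已启动,请访问 https://localhost:${HTTPS_PORT}"
  else
    echo "错误:服务启动失败" >&2
    exit 1
  fi
fi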