Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

n8n fix firewall

Browse Source
This commit is contained in:
Nathan
2026-01-23 11:26:18 -06:00
parent 8e07c32238
commit cc0b9cef25
1 changed files with 20 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
system/virtualization/docker/n8n/default.nix
View File

@@ -1,11 +1,19 @@
{ config, lib, ... }: { { config, lib, ... }: let
options.sysconfig.docker.n8n.enable = with lib; mkOption { hostPort = 9004;
subdomain = "n8n";
name = "n8n";
in {
options.sysconfig.docker."${name}".enable = with lib; mkOption {
type = with types; bool; type = with types; bool;
default = false; default = false;
}; };
config = lib.mkIf (config.sysconfig.docker.n8n.enable && config.sysconfig.docker.enable) { config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
environment.etc."resolv.conf" = { environment.etc."resolv.conf" = {
enable = true; enable = true;
@@ -22,29 +30,29 @@
networking.firewall.interfaces = { networking.firewall.interfaces = {
"ve-traefik" = { "ve-traefik" = {
allowedTCPPorts = [ 9001 ]; allowedTCPPorts = [ hostPort ];
}; };
}; };
virtualisation.oci-containers.containers.n8n = { virtualisation.oci-containers.containers."${name}" = {
image = "docker.n8n.io/n8nio/n8n"; image = "docker.n8n.io/n8nio/n8n";
# unstable, waiting for 26.05 # unstable, waiting for 26.05
#pull = "newer"; #pull = "newer";
hostname = "n8n.esotericbytes.com"; hostname = "${subdomain}.esotericbytes.com";
networks = [ networks = [
"docker-main" "docker-main"
]; ];
labels = { labels = {
"traefik.http.routers.n8n.entrypoints" = "localsecure"; "traefik.http.routers.${name}.entrypoints" = "localsecure";
"traefik.http.routers.n8n.rule" = "Host(`n8n.esotericbytes.com`)"; "traefik.http.routers.${name}.rule" = "Host(`${subdomain}.esotericbytes.com`)";
"traefik.http.routers.n8n.service" = "n8n"; "traefik.http.routers.${name}.service" = "${name}";
"traefik.http.routers.n8n.tls.certResolver" = "cloudflare"; "traefik.http.routers.${name}.tls.certResolver" = "cloudflare";
"traefik.http.services.n8n.loadbalancer.server.url" = "http://192.168.100.10:9004"; "traefik.http.services.${name}.loadbalancer.server.url" = "http://192.168.100.10:${hostPort}";
}; };
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [ extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
@@ -52,7 +60,7 @@
]; ];
ports = [ ports = [
"9004:5678" "${hostPort}:5678"
]; ];
volumes = [ volumes = [