Hosting n8n cleanly: self-hosted, Docker and going to production
Self-hosted or n8n Cloud?
Before installing anything, the first decision is to choose between self-hosting (self-hosted) and the managed offering n8n Cloud. Both run the same workflows; the difference is who manages the infrastructure and the cost model.
Self-hosted means running n8n on your own server. Without a license key, you use the Community edition, which is free. You only pay for your infrastructure (a VPS costs on the order of a few euros per month) and you take on the maintenance: updates, backups, security, availability. It is the right choice if you want to control your data, avoid usage-based billing, or fine-tune the configuration.
n8n Cloud removes all infrastructure management: n8n hosts, updates and backs up for you. Billing is per execution: a full workflow run counts as one execution, regardless of how many steps it contains. There is no longer a permanent free Cloud plan (a free trial exists, and self-hosted Community remains free). Pricing changes over time: check the n8n.io/pricing page for current rates.
To be honest: if you are starting out and you do not want to manage a server, Cloud is faster to get going. If you know how to administer a Linux machine, or if data confidentiality and cost control matter most, self-hosted is more advantageous. Note as well that certain advanced features (SSO, environments, external secrets management, multi-main scaling, Git versioning) are reserved for paid editions, whether you are self-hosted or on Cloud.
What do you need to host n8n self-hosted?
To host n8n self-hosted, three elements are enough: a Linux VPS reachable from the internet, Docker (or Node.js 20.19 to 24.x), and a domain name pointing to the server's IP.
- A server or VPS running Linux, reachable from the internet. A small instance (1 to 2 vCPU, 2 GB of RAM) covers modest usage; plan for more RAM if your workflows handle large volumes or make heavy use of AI models.
- Docker, recommended by n8n, or otherwise Node.js via npm. If you go through npm, use a Node.js version in the range
20.19to24.x. - A domain name (for example
n8n.yourdomain.com) pointing to the server's IP address. It is used to expose the interface cleanly and to enable HTTPS. Essential, in particular so that webhooks and certain OAuth integrations work with a stable, encrypted URL.
Docker is advised because it isolates the application, simplifies updates and makes the installation reproducible. npm remains a valid option if you prefer not to use containers.
How do you install n8n step by step?
Installing n8n takes seven steps: choose the hosting, prepare the server, launch n8n, add an HTTPS reverse proxy, configure the variables and the external database, set up backups and updates, check security. The exact commands depend on your distribution and your reverse proxy; what matters is the order and the logic of the steps.
- Choose the hosting. Go for self-hosted with Docker (recommended by n8n) if you manage a server, or for n8n Cloud if you do not want to administer infrastructure. The rest assumes self-hosted.
- Prepare the server. Provision a Linux VPS, update the system, create a dedicated user, and install Docker (or Node.js version
20.19to24.xif you choose npm). Point your domain name to the server's IP. - Launch n8n. With Docker, start the official
n8nio/n8ncontainer while mounting a persistent volume for the data. With npm, install n8n globally then run then8ncommand. Without a license key, you are on the Community edition. - Add a reverse proxy and HTTPS. Place a reverse proxy (Caddy, Nginx or Traefik) in front of n8n to expose the interface on your domain over HTTPS, with a certificate (Let's Encrypt for example).
- Configure environment variables and an external database. Set the public URL, the timezone, the encryption key, and connect an external PostgreSQL database for persistence rather than the default SQLite database.
- Set up backups and updates. Back up the database and the persisted data regularly, and define a procedure to update the n8n image or package.
- Check security and access. Enable authentication, restrict open ports, store secrets outside the configuration repository, and verify that only the reverse proxy exposes n8n to the outside.
Once the instance is online, you can create your first workflows and automations. To build a conversational agent based on a language model, see the guide building an AI agent with n8n.
How do you move an n8n instance to production?
Five points make an n8n instance clean for production: reverse proxy and HTTPS, environment variables (including the encryption key), external PostgreSQL database, backups, and updates. An instance launched locally is not a production instance.
Reverse proxy and HTTPS. Never expose n8n directly over HTTP on the internet. A reverse proxy (Caddy, Nginx, Traefik) handles the TLS certificate, the encryption and, if needed, an additional authentication layer. It is also what gives a stable URL, required for webhooks and OAuth callbacks.
Environment variables. n8n is configured essentially through environment variables: public URL, timezone, database parameters, and above all the encryption key used for stored credentials. This key must be fixed and kept: losing it makes the saved credentials unreadable.
External database. In production, connect n8n to an external PostgreSQL database rather than the default SQLite database. PostgreSQL handles load better, backs up cleanly and survives the recreation of the container. SQLite remains handy for testing, but it is poorly suited to sustained use.
Backups. Back up the database regularly (your workflows, encrypted credentials, execution histories) and the encryption key. Without that key, restoring a database is not enough to recover the credentials.
Updates. n8n evolves quickly. Plan an update routine (new Docker image or new npm package), ideally tested on a pre-production instance, having backed up beforehand.
Reliability and scaling
Beyond the installation, a production instance must stay reliable over time.
Verified backups. A backup only has value if it restores. Periodically test a full restore (database + encryption key + persisted data) on a disposable instance.
Monitoring. Watch the instance's availability, CPU/RAM usage, disk space and failed executions. On a modest machine, RAM and disk (execution histories that accumulate) are the first limits to be reached.
Scaling. To absorb a high volume of executions, n8n offers a so-called queue mode that distributes the work across several worker processes, with a queue (Redis). It is the main lever to scale horizontally. Be careful, though: multi-main scaling and certain capabilities tied to high availability are among the features reserved for paid editions. For single-operator or SMB use, a well-sized instance is most often enough; moving to queue mode and multi-main is justified when volume truly calls for it.
If your need is mainly reliability without managing infrastructure, n8n Cloud takes the advantage back: backups and availability are handled for you, at the cost of per-execution billing.
Basic security
An n8n instance handles credentials to your services (APIs, databases, messaging): securing it is not optional.
- Authentication. Never expose the interface without authentication. Enable n8n's user accounts and, if possible, add protection at the reverse proxy level.
- Secrets. Keep the encryption key and sensitive variables out of your Git repository and out of versioned files. Use a protected environment file (restrictive permissions) or a secrets manager.
- Network access. Limit open ports to the strict minimum (HTTPS via the reverse proxy). Do not expose n8n's internal port or the database's port directly on the internet.
- Security updates. Keep the system, Docker and n8n up to date to benefit from patches.
n8n is distributed under the Sustainable Use License (fair-code model, source code available), which is not a classic OSI open source license. It allows self-hosting and internal use, while reserving certain features for paid editions. To go further on using n8n in an automation approach, see our page AI automation.