n8n Self-Hosted: A Complete 2025 Guide to Secure, Scalable Automation

Self-hosting n8n gives you full control over your automation stack — from data privacy and security to performance and cost. In this complete 2025 guide, youll learn what n8n self-hosted is, why teams choose it, and how to deploy, secure, and scale it in production.

What is n8n self-hosted?

n8n is a powerful, open-source workflow automation platform. The self-hosted edition lets you run n8n on your own infrastructure (VPS, bare metal, or Kubernetes), keeping sensitive data under your control and customizing performance to your needs.

Why self-host n8n?

• Data privacy & compliance: Keep data on your servers to meet GDPR, SOC2, HIPAA, or internal policies.
• Cost control: Predictable infrastructure costs at scale.
• Customization: Fine-tune environment variables, resources, and integrations.
• Performance: Co-locate n8n near your databases/APIs to reduce latency.

Recommended system requirements

• Starter (testing/small teams): 2 vCPU, 4 GB RAM, 20 GB SSD
• Production (most teams): 416 vCPU, 824 GB RAM, fast NVMe storage
• Database: Managed PostgreSQL 13+ (or self-hosted with backups enabled)
• Networking: Reverse proxy (Nginx/Caddy) with HTTPS (Lets Encrypt)

Quick start: n8n with Docker Compose

Create a directory and a docker-compose.yml file:

version: "3.8"
services:
  n8n:
    image: n8nio/n8n:latest
    container_name: n8n
    restart: unless-stopped
    ports:
      - "5678:5678"
    environment:
      - N8N_HOST=your-domain.com
      - N8N_PORT=5678
      - N8N_PROTOCOL=https
      - WEBHOOK_URL=https://your-domain.com/
      - GENERIC_TIMEZONE=UTC
      # Database (recommended: external Postgres)
      - DB_TYPE=postgresdb
      - DB_POSTGRESDB_HOST=postgres
      - DB_POSTGRESDB_PORT=5432
      - DB_POSTGRESDB_DATABASE=n8n
      - DB_POSTGRESDB_USER=n8n
      - DB_POSTGRESDB_PASSWORD=strongpassword
    volumes:
      - ./n8n_data:/home/node/.n8n
  postgres:
    image: postgres:15
    restart: unless-stopped
    environment:
      - POSTGRES_USER=n8n
      - POSTGRES_PASSWORD=strongpassword
      - POSTGRES_DB=n8n
    volumes:
      - ./pg_data:/var/lib/postgresql/data

Then run:

docker compose up -d

Put n8n behind a reverse proxy (Nginx or Caddy) and enable HTTPS. Set N8N_HOST, N8N_PROTOCOL, and WEBHOOK_URL to match your public domain.

Security hardening checklist

• HTTPS everywhere: Terminate TLS at your proxy; redirect HTTPeHTTPS.
• Strong auth: Use complex admin passwords; enable SSO/OIDC if available.
• Lock down environment: Run as non-root, minimal privileges, read-only FS where possible.
• Secrets management: Store API keys in env/secret stores (not in workflows).
• Network controls: Restrict database and webhook ingress with firewalls/security groups.
• Update cadence: Track n8n release notes and patch regularly.

Scaling n8n in production

• Separate queue workers: Use EXECUTIONS_MODE=queue with Redis to process jobs asynchronously.
• Horizontal scaling: Run multiple n8n pods/containers with a shared Postgres + Redis.
• Autoscaling: In Kubernetes, scale on CPU/memory or queue depth.
• Persistence: Mount durable storage for /.n8n and keep database managed.

# Key env for queue mode
EXECUTIONS_MODE=queue
QUEUE_BULL_REDIS_HOST=redis
QUEUE_BULL_REDIS_PORT=6379

Backups and observability

• Database backups: Nightly full + PITR if supported by your provider.
• App config: Snapshot /.n8n volume (credentials, binaries, custom nodes).
• Logs/metrics: Ship logs to your stack (ELK/OpenSearch) and scrape metrics (Prometheus/Grafana).
• Uptime monitoring: Health checks and synthetic tests for critical webhooks.

Common pitfalls to avoid

• Using SQLite in production (risk of corruption under load). Prefer Postgres.
• Exposing n8n directly to the internet without a reverse proxy/HTTPS.
• Forgetting to set WEBHOOK_URL causing webhook timeouts or invalid callback URLs.
• No backups or monitoring until something breaks.

Self-host vs managed n8n

Self-hosting gives you maximum control and can be very cost-effective at scale. If you prefer a fully managed, production-ready deployment with SLAs, backups, and expert support, consider a managed n8n host.

FAQ

Is n8n free to self-host?
Yes. The open-source community edition is free to run on your own infrastructure. Optional enterprise features and support are available.

What database should I use?
PostgreSQL 13+ is recommended for reliability and scaling. Avoid SQLite in production.

How do I keep n8n updated?
Pin a version tag and plan regular upgrades. Review release notes and test in staging before production rollouts.

Can I scale workers separately?
Yes. Run queue workers as separate containers/pods with Redis to process executions independently from the editor UI.

Wrap-up

n8n self-hosted gives engineering teams a robust, flexible automation platform with enterprise-grade control. Start small with Docker Compose, harden security, and scale with queue workers once workflows grow.