DEV Community

Cover image for Self Hosting n8n on AWS EC2 instance (Step-by-step Guide)
SevimsOffice
SevimsOffice

Posted on

Self Hosting n8n on AWS EC2 instance (Step-by-step Guide)

#aws #ec2 #n8n #automation

WARNING: To use n8n on AWS with a custom domain you must own that domain (your website). If you don't have one you can create get one here: Hostinger Domain
NOTE: Copy and paste each command one by one.

1. AWS Account and EC2 Instance Setup
Create an AWS account if you do not have one. https://aws.amazon.com/

Launch an EC2 instance:

Quick Start: choose Amazon Linux.
Amazon Machine Image (AMI): Amazon Linux 2023 AMI.
Instance type: t3.micro or t2.micro (choose whichever has free tier availability for you).

Key pair: Create new key pair (download .pem and keep it safe).

Network (security group): allow HTTP (80) and HTTPS (443) inbound.

Launch the instance. Wait until it becomes running.

(Why this matters: the instance is your server that will run n8n in Docker.)

2. Allocate an Elastic (Static) IP and Associate It

In the AWS EC2 console go to Elastic IPs (top-right or left menu).

Click Allocate Elastic IP address and allocate one.

Associate the Elastic IP with the EC2 instance you launched.

Why: Elastic IP prevents your instance IP from changing and lets you point your domain A record to a stable address.

3. Connect to EC2 (SSH)

Use the public IP or associated Elastic IP and your downloaded key pair:

chmod 400 my-key.pem
ssh -i my-key.pem ec2-user@YOUR_PUBLIC_IP
Enter fullscreen mode Exit fullscreen mode

After successful login you’ll be at the EC2 terminal prompt.

4. System Update and Install Nginx

Run commands one by one in the terminal:

sudo yum update -y
sudo yum install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx
Enter fullscreen mode Exit fullscreen mode

Nginx will act as the reverse proxy in front of n8n. (Keep it running.)

5. Install Docker

On Amazon Linux 2023, the Docker install is:

sudo yum install -y docker
sudo systemctl start docker
sudo systemctl enable docker
Enter fullscreen mode Exit fullscreen mode

Then add the ec2-user to the docker group so you can use Docker without sudo:

sudo usermod -aG docker $USER
Enter fullscreen mode Exit fullscreen mode

Important: Log out from SSH (exit) and reconnect for group changes to take effect. After reconnect:

sudo systemctl restart docker
sudo systemctl status docker
Enter fullscreen mode Exit fullscreen mode

6. Pull n8n Docker Image

Once Docker is ready:

docker pull n8nio/n8n:latest
Enter fullscreen mode Exit fullscreen mode

7. Install Certbot (for Let’s Encrypt SSL)

Install certbot and certbot nginx plugin:

sudo yum install -y certbot python3-certbot-nginx
Enter fullscreen mode Exit fullscreen mode

8. Configure Nginx Reverse Proxy for n8n

Create an nginx conf file for n8n:

sudo nano /etc/nginx/conf.d/n8n.conf
Enter fullscreen mode Exit fullscreen mode

Paste this (replace n8n.yourdomain.com with your domain):

server {
    listen 80;
    server_name n8n.yourdomain.com;

    location / {
        proxy_pass http://localhost:5678;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
    }
}
Enter fullscreen mode Exit fullscreen mode

Save and exit editor.
Then test and restart nginx:

sudo nginx -t
sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

9. Point Your Domain DNS to the Elastic IP

In your DNS provider dashboard (Hostinger) create an A record:

  • Host / Name: n8n (so domain becomes n8n.yourdomain.com)
  • Value / Points to:
  • Set Proxy status to DNS only (not proxied). Set SSL/TLS mode to Full (not Full Strict).

Wait for DNS propagation.

10. Obtain SSL Certificate with Certbot (Let's Encrypt)

Run certbot to obtain and automatically configure SSL for nginx:

sudo certbot --nginx -d n8n.yourdomain.com
Enter fullscreen mode Exit fullscreen mode

You will be prompted for an email — enter it. Agree to the terms. Certbot will modify nginx config to use the certificates and optionally redirect HTTP to HTTPS. [IMAGE: certbot prompt and success message]
Set up automatic renewal (cron job):

echo "0 0 * * * certbot renew --quiet" | sudo tee -a /etc/crontab > /dev/null
Enter fullscreen mode Exit fullscreen mode

11. Prepare n8n Data Directory and Permissions

Create the persistent data directory for n8n:

mkdir -p /home/ec2-user/.n8n-data
sudo chown 1000:1000 /home/ec2-user/.n8n-data
Enter fullscreen mode Exit fullscreen mode

Then check listing:

ls -lah /home/ec2-user/.n8n-data
Enter fullscreen mode Exit fullscreen mode

12. Run n8n Docker Container (first run)

Run a quick run to verify container starts:

docker run -d \
  --name n8n \
  -p 5678:5678 \
  -v /home/ec2-user/.n8n-data:/home/node/.n8n \
  n8nio/n8n
Enter fullscreen mode Exit fullscreen mode

13. Stop and Remove Container (cleanup before final run)

docker stop n8n
docker rm n8n
Enter fullscreen mode Exit fullscreen mode

14. Final n8n Docker Run with Environment Variables

Run the container with recommended environment variables and persistent volume. Replace every n8n.yourdomain.com with your actual domain.

docker run -d --name n8n --restart=always -p 5678:5678 \
-v ~/.n8n:/home/node/.n8n \
-e N8N_PROTOCOL=https \
-e N8N_HOST=n8n.yourdomain.com \
-e N8N_PORT=5678 \
-e BASE_URL=https://n8n.yourdomain.com \
-e WEBHOOK_URL=https://n8n.yourdomain.com \
-e WEBHOOK_TUNNEL_URL=https://n8n.yourdomain.com \
-e VUE_APP_URL_BASE_API=https://n8n.yourdomain.com \
-e WEBHOOK_INCLUDE_ORIGIN_HEADER_DATA=false \
-e N8N_EDITOR_BASE_URL=https://n8n.yourdomain.com \
-e N8N_ENABLE_COMMUNITY_NODES=true \
-e NODE_FUNCTION_ALLOW_EXTERNAL=* \
-e N8N_CUSTOM_EXTENSIONS=/home/node/.n8n/custom \
-e N8N_IGNORE_CERT_ERRORS=true \
-e N8N_SECURE_COOKIE=false \
n8nio/n8n
Enter fullscreen mode Exit fullscreen mode

Reference: n8n environment variables and deployment docs/

15. Verify n8n Is Working

Open your browser and go to: https://n8n.yourdomain.com


Create a password and make sure not to forget it!

If you see n8n UI, congratulations it’s running over HTTPS. If the browser reports “not secure,” check the certbot certificate validity and renew if expired. See troubleshooting below.

  1. Updating n8n (Pulling latest image and restarting)

To update n8n later:

docker stop n8n
docker rm n8n
docker pull n8nio/n8n:latest
# then re-run the same docker run command from Step 14
Enter fullscreen mode Exit fullscreen mode

This replaces the container but preserves data in the mounted ~/.n8n directory.

17. Certificate Renewal Troubleshooting

If your site shows SSL issues, renew certificates:

sudo yum install -y certbot
certbot --version
sudo certbot renew
sudo systemctl restart nginx
sudo certbot certificates
Enter fullscreen mode Exit fullscreen mode

Reference: Certbot renewal documentation.

Quick Checklist (copyable)

  1. AWS EC2 launched (Amazon Linux 2023).
  2. Elastic IP allocated and associated.
  3. Security group: ports 80 and 443 open.
  4. SSH connected using .pem key.
  5. nginx installed and reverse proxy configured.
  6. Docker installed and running.
  7. n8n Docker image pulled and container launched with right env vars.
  8. DNS A record pointing n8n.yourdomain.com to Elastic IP.
  9. SSL obtained with certbot.
  10. Test https://n8n.yourdomain.com — n8n UI should appear.

Helpful Links / References (authoritative)
n8n Docker & hosting docs (self-hosting and environment variables).
n8n Docs
AWS EC2 Elastic IP documentation (allocation & association).
Installing Docker on Amazon Linux 2023 (AWS docs).
Certbot (Let’s Encrypt) nginx instructions and renewal.
certbot.eff.org

Top comments (0)