Fair-code workflow automation platform with native AI capabilities — combine visual building with custom code and 400+ integrations.
| Port | 5678 |
| Registry | ghcr.io/daemonless/n8n |
| Source | https://github.com/n8n-io/n8n |
| Website | https://n8n.io/ |
| Tag | Description | Best For |
|---|---|---|
latest |
Upstream Binary. Built from official release. | Most users. Matches Linux Docker behavior. |
Before deploying, ensure your host environment is ready. See the Quick Start Guide for host setup instructions.
services:
n8n:
image: "ghcr.io/daemonless/n8n:latest"
container_name: n8n
environment:
- N8N_ENCRYPTION_KEY=your-encryption-key-here # Encryption key for credentials (keep safe!)
- PUID=1000 # User ID for the application process
- PGID=1000 # Group ID for the application process
- TZ=UTC # Timezone for the container
- N8N_SECURE_COOKIE= # Set to false if accessing over HTTP without TLS
volumes:
- "/path/to/containers/n8n:/config"
ports:
- "5678:5678"
restart: unless-stopped.env:
# .env
DIRECTOR_PROJECT=n8n
N8N_ENCRYPTION_KEY=your-encryption-key-here
PUID=1000
PGID=1000
TZ=UTC
N8N_SECURE_COOKIE=
appjail-director.yml:
# appjail-director.yml
options:
- virtualnet: ':<random> default'
- nat:
services:
n8n:
name: n8n
options:
- container: 'boot args:--pull'
- expose: '5678:5678 proto:tcp' \
oci:
user: root
environment:
- N8N_ENCRYPTION_KEY: !ENV '${N8N_ENCRYPTION_KEY}'
- PUID: !ENV '${PUID}'
- PGID: !ENV '${PGID}'
- TZ: !ENV '${TZ}'
- N8N_SECURE_COOKIE: !ENV '${N8N_SECURE_COOKIE}'
volumes:
- n8n: /config
volumes:
n8n:
device: '/path/to/containers/n8n'Makejail:
# Makejail
ARG tag=latest
OPTION overwrite=force
OPTION from=ghcr.io/daemonless/n8n:${tag}
Note: Exposing ports in AppJail means that your service can be reached from remote hosts. If that is not your intention, do not expose the ports and communicate with the service using the IPv4 address assigned by the virtual network.
podman run -d --name n8n \
-p 5678:5678 \
-e N8N_ENCRYPTION_KEY=your-encryption-key-here \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=UTC \
-e N8N_SECURE_COOKIE= \
-v /path/to/containers/n8n:/config \
ghcr.io/daemonless/n8n:latestappjail oci run -Pd \
-o overwrite=force \
-o container="args:--pull" \
-o virtualnet=":<random> default" \
-o nat \
-o expose="5678:5678 proto:tcp" \
-e N8N_ENCRYPTION_KEY=your-encryption-key-here \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=UTC \
-e N8N_SECURE_COOKIE= \
-o fstab="/path/to/containers/n8n /config <pseudofs>" \
ghcr.io/daemonless/n8n:latest n8nNote: Exposing ports in AppJail means that your service can be reached from remote hosts. If that is not your intention, do not expose the ports and communicate with the service using the IPv4 address assigned by the virtual network.
- name: Deploy n8n
containers.podman.podman_container:
name: n8n
image: "ghcr.io/daemonless/n8n:latest"
state: started
restart_policy: always
env:
N8N_ENCRYPTION_KEY: "your-encryption-key-here"
PUID: "1000"
PGID: "1000"
TZ: "UTC"
N8N_SECURE_COOKIE: ""
ports:
- "5678:5678"
volumes:
- "/path/to/containers/n8n:/config"| Variable | Default | Description |
|---|---|---|
N8N_ENCRYPTION_KEY |
your-encryption-key-here |
Encryption key for credentials (keep safe!) |
PUID |
1000 |
User ID for the application process |
PGID |
1000 |
Group ID for the application process |
TZ |
UTC |
Timezone for the container |
N8N_SECURE_COOKIE |
`` | Set to false if accessing over HTTP without TLS |
| Path | Description |
|---|---|
/config |
Configuration directory (database, workflows) |
| Port | Protocol | Description |
|---|---|---|
5678 |
TCP | Web UI |
Architectures: amd64
User: bsd (UID/GID via PUID/PGID, defaults to 1000:1000)
Base: FreeBSD 15.1
Need help? Join our Discord community.