⚙️ Environment Variables Configuration

Configuration Settings

Environment variables là cách configure n8n cho production. Bài này covers tất cả settings quan trọng bạn cần biết.

Environment Variables Basics

How to Set:

Bash

1# Method 1: Docker run
2docker run -e VAR_NAME=value n8nio/n8n
3 
4# Method 2: docker-compose.yml
5services:
6  n8n:
7    environment:
8      - VAR_NAME=value
9      
10# Method 3: .env file
11VAR_NAME=value
12 
13# Method 4: Export (dev only)
14export VAR_NAME=value

Priority (highest to lowest):

Text

11. Command line -e flags
22. docker-compose.yml environment
33. .env file
44. Default values

Core Settings

Basic Configuration:

Bash

1# Instance Settings
2N8N_HOST=n8n.yourdomain.com
3N8N_PORT=5678
4N8N_PROTOCOL=https
5 
6# Webhook URL (Critical!)
7WEBHOOK_URL=https://n8n.yourdomain.com/
8 
9# Editor Base URL
10N8N_EDITOR_BASE_URL=https://n8n.yourdomain.com/
11 
12# Timezone
13GENERIC_TIMEZONE=Asia/Ho_Chi_Minh
14TZ=Asia/Ho_Chi_Minh

Important

WEBHOOK_URL phải match với public URL của n8n. Webhooks sẽ không work nếu sai!

Path Settings:

Bash

1# Data folder location
2N8N_USER_FOLDER=/home/node/.n8n
3 
4# Config file path
5N8N_CONFIG_FILES=/config/custom.json
6 
7# Custom nodes path
8N8N_CUSTOM_EXTENSIONS=/custom-nodes

Database Configuration

SQLite (Default):

Bash

1# Default, no config needed
2# Data stored in N8N_USER_FOLDER/database.sqlite

PostgreSQL:

Bash

1DB_TYPE=postgresdb
2DB_POSTGRESDB_HOST=postgres
3DB_POSTGRESDB_PORT=5432
4DB_POSTGRESDB_DATABASE=n8n
5DB_POSTGRESDB_USER=n8n
6DB_POSTGRESDB_PASSWORD=secure_password
7DB_POSTGRESDB_SCHEMA=public
8 
9# Optional: SSL connection
10DB_POSTGRESDB_SSL_CA=/path/to/ca.crt
11DB_POSTGRESDB_SSL_CERT=/path/to/client.crt
12DB_POSTGRESDB_SSL_KEY=/path/to/client.key
13DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=true

MySQL:

Bash

1DB_TYPE=mysqldb
2DB_MYSQLDB_HOST=mysql
3DB_MYSQLDB_PORT=3306
4DB_MYSQLDB_DATABASE=n8n
5DB_MYSQLDB_USER=n8n
6DB_MYSQLDB_PASSWORD=secure_password

Connection Pool:

Bash

1# Tune for performance
2DB_POSTGRESDB_POOL_SIZE=10

Authentication

Basic Auth (Simple):

Bash

1N8N_BASIC_AUTH_ACTIVE=true
2N8N_BASIC_AUTH_USER=admin
3N8N_BASIC_AUTH_PASSWORD=super_secure_password_123
4 
5# Hash the password (optional, more secure)
6N8N_BASIC_AUTH_HASH=true

JWT Auth (For API access):

Bash

1N8N_JWT_AUTH_ACTIVE=true
2N8N_JWT_AUTH_HEADER=Authorization
3N8N_JWKS_URI=https://your-auth-server/.well-known/jwks.json

User Management (Enterprise-like):

Bash

1# Enable user management
2N8N_USER_MANAGEMENT_DISABLED=false
3 
4# Email config for invitations
5N8N_EMAIL_MODE=smtp
6N8N_SMTP_HOST=smtp.gmail.com
7N8N_SMTP_PORT=587
8N8N_SMTP_USER=your@email.com
9N8N_SMTP_PASS=app_password
10N8N_SMTP_SENDER=noreply@yourdomain.com
11N8N_SMTP_SSL=true

Execution Settings

Execution Mode:

Bash

1# Regular mode (default)
2EXECUTIONS_MODE=regular
3 
4# Queue mode (for scaling)
5EXECUTIONS_MODE=queue
6QUEUE_BULL_REDIS_HOST=redis
7QUEUE_BULL_REDIS_PORT=6379
8QUEUE_BULL_REDIS_PASSWORD=redis_password
9QUEUE_BULL_REDIS_DB=0

Execution Limits:

Bash

1# Timeout (milliseconds, -1 = no limit)
2EXECUTIONS_TIMEOUT=3600000      # 1 hour
3EXECUTIONS_TIMEOUT_MAX=7200000  # 2 hours max
4 
5# Data size limits
6N8N_PAYLOAD_SIZE_MAX=16         # MB
7 
8# Process limits
9EXECUTIONS_PROCESS=own          # "own" or "main"

Execution Data Retention:

Bash

1# Auto-prune old executions
2EXECUTIONS_DATA_PRUNE=true
3EXECUTIONS_DATA_MAX_AGE=168     # Hours (168 = 7 days)
4EXECUTIONS_DATA_SAVE_ON_ERROR=all
5EXECUTIONS_DATA_SAVE_ON_SUCCESS=all
6EXECUTIONS_DATA_SAVE_ON_PROGRESS=false
7EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=true

Concurrency:

Bash

1# Max concurrent executions
2N8N_CONCURRENCY_PRODUCTION_LIMIT=20
3 
4# For queue mode
5QUEUE_BULL_REDIS_TIMEOUT_THRESHOLD=30000
6QUEUE_RECOVERY_INTERVAL=60

Webhook Settings

Webhook Configuration:

Bash

1# Base URL for webhooks
2WEBHOOK_URL=https://n8n.yourdomain.com/
3 
4# Webhook path prefix
5N8N_PATH=/
6 
7# Disable tunnel (production)
8N8N_TUNNEL_DISABLED=true

Webhook Security:

Bash

1# Allowed webhook methods
2N8N_WEBHOOK_METHODS=GET,POST,PUT,DELETE
3 
4# Custom headers
5N8N_HEADER_FORWARDED=X-Forwarded-For

Security Settings

Encryption:

Bash

1# Encryption key for credentials (Auto-generated if not set)
2N8N_ENCRYPTION_KEY=your-32-char-encryption-key-here
3 
4# IMPORTANT: Back this up! Can't decrypt credentials without it

IP Restrictions:

Bash

1# Restrict editor access by IP
2N8N_EDITOR_ACCESS_ALLOWED_IPS=192.168.1.0/24,10.0.0.0/8

Disable Features:

Bash

1# Disable execution test feature
2N8N_DISABLE_UI=false
3 
4# Disable production webhook test
5N8N_DISABLE_PRODUCTION_MAIN_PROCESS=false

Logging

Log Configuration:

Bash

1# Log level
2N8N_LOG_LEVEL=info    # error, warn, info, verbose, debug
3 
4# Log output
5N8N_LOG_OUTPUT=console,file
6 
7# Log file location
8N8N_LOG_FILE_LOCATION=/logs/n8n.log
9N8N_LOG_FILE_SIZE_MAX=50  # MB
10N8N_LOG_FILE_COUNT_MAX=100

Error Tracking:

Bash

1# Sentry integration
2N8N_SENTRY_DSN=https://xxx@sentry.io/xxx
3 
4# Diagnostics
5N8N_DIAGNOSTICS_ENABLED=true
6N8N_DIAGNOSTICS_CONFIG_FRONTEND=
7N8N_DIAGNOSTICS_CONFIG_BACKEND=

Performance Tuning

Memory & CPU:

Bash

1# Node.js memory limit
2NODE_OPTIONS=--max-old-space-size=4096
3 
4# Worker threads
5N8N_RUNNERS_N8N_TASK_BROKER_URI=localhost:5679

Lazy Loading:

Bash

1# Load nodes on demand
2N8N_LAZY_LOAD_NODES=true
3 
4# Pre-warm certain nodes
5N8N_PRE_LOADED_NODES=n8n-nodes-base.Webhook,n8n-nodes-base.Http

External Services

S3 for Binary Data:

Bash

1# Store binary data in S3 (recommended for production)
2N8N_AVAILABLE_BINARY_DATA_MODES=filesystem,s3
3N8N_DEFAULT_BINARY_DATA_MODE=s3
4 
5# S3 Configuration
6N8N_EXTERNAL_STORAGE_S3_HOST=s3.amazonaws.com
7N8N_EXTERNAL_STORAGE_S3_BUCKET_NAME=n8n-binary-data
8N8N_EXTERNAL_STORAGE_S3_BUCKET_REGION=ap-southeast-1
9N8N_EXTERNAL_STORAGE_S3_ACCESS_KEY=AKIA...
10N8N_EXTERNAL_STORAGE_S3_ACCESS_SECRET=xxx

External Hooks:

Bash

1# Custom hooks
2EXTERNAL_HOOK_FILES=/hooks/custom.js

Complete Production .env

Bash

1# ===================================
2# N8N PRODUCTION CONFIGURATION
3# ===================================
4 
5# ----- CORE -----
6N8N_HOST=n8n.yourdomain.com
7N8N_PORT=5678
8N8N_PROTOCOL=https
9WEBHOOK_URL=https://n8n.yourdomain.com/
10N8N_EDITOR_BASE_URL=https://n8n.yourdomain.com/
11 
12# ----- TIMEZONE -----
13GENERIC_TIMEZONE=Asia/Ho_Chi_Minh
14TZ=Asia/Ho_Chi_Minh
15 
16# ----- DATABASE -----
17DB_TYPE=postgresdb
18DB_POSTGRESDB_HOST=postgres
19DB_POSTGRESDB_PORT=5432
20DB_POSTGRESDB_DATABASE=n8n
21DB_POSTGRESDB_USER=n8n
22DB_POSTGRESDB_PASSWORD=CHANGE_THIS_PASSWORD
23 
24# ----- AUTHENTICATION -----
25N8N_BASIC_AUTH_ACTIVE=true
26N8N_BASIC_AUTH_USER=admin
27N8N_BASIC_AUTH_PASSWORD=CHANGE_THIS_PASSWORD
28 
29# ----- SECURITY -----
30N8N_ENCRYPTION_KEY=GENERATE_32_CHAR_KEY_HERE
31N8N_TUNNEL_DISABLED=true
32 
33# ----- EXECUTION -----
34EXECUTIONS_MODE=regular
35EXECUTIONS_TIMEOUT=3600000
36EXECUTIONS_DATA_PRUNE=true
37EXECUTIONS_DATA_MAX_AGE=168
38N8N_CONCURRENCY_PRODUCTION_LIMIT=20
39 
40# ----- LOGGING -----
41N8N_LOG_LEVEL=info
42N8N_LOG_OUTPUT=console
43 
44# ----- PERFORMANCE -----
45NODE_OPTIONS=--max-old-space-size=2048

Environment Variables Reference

Quick Reference Table:

Text

1CATEGORY        VARIABLE                      DEFAULT
2─────────────────────────────────────────────────────────
3Core            N8N_HOST                      localhost
4                N8N_PORT                      5678
5                N8N_PROTOCOL                  http
6                WEBHOOK_URL                   http://localhost:5678/
7 
8Database        DB_TYPE                       sqlite
9                DB_POSTGRESDB_*               (various)
10 
11Auth            N8N_BASIC_AUTH_ACTIVE         false
12                N8N_BASIC_AUTH_USER           -
13                N8N_BASIC_AUTH_PASSWORD       -
14 
15Execution       EXECUTIONS_MODE               regular
16                EXECUTIONS_TIMEOUT            -1
17                EXECUTIONS_DATA_PRUNE         false
18 
19Queue           QUEUE_BULL_REDIS_HOST         localhost
20                QUEUE_BULL_REDIS_PORT         6379
21 
22Logging         N8N_LOG_LEVEL                 info
23                N8N_LOG_OUTPUT                console

Bài Tập Thực Hành

Configuration Exercise

Create your production .env:

Copy template above
Generate encryption key:
Bash
```
1openssl rand -hex 16
```
Generate passwords:
Bash
```
1openssl rand -base64 24
```
Configure database settings
Test locally with docker-compose
Verify webhooks work

Store .env securely (never in git)! 🔐

Key Takeaways

Remember

🔑 N8N_ENCRYPTION_KEY - Back it up!
🌐 WEBHOOK_URL - Must match public URL
🔒 Strong passwords - Generate, don't guess
📝 Document - Keep track of what you changed
🚫 Never commit .env to version control

Bài tiếp theo: Database Setup - PostgreSQL setup chi tiết, migrations, và optimization.

⚙️ Environment Variables Configuration

Environment Variables Basics

How to Set:

Priority (highest to lowest):

Core Settings

Basic Configuration:

Path Settings:

Database Configuration

SQLite (Default):

PostgreSQL:

MySQL:

Connection Pool:

Authentication

Basic Auth (Simple):

JWT Auth (For API access):

User Management (Enterprise-like):

Execution Settings

Execution Mode:

Execution Limits:

Execution Data Retention:

Concurrency:

Webhook Settings

Webhook Configuration:

Webhook Security:

Security Settings

Encryption:

IP Restrictions:

Disable Features:

Logging

Log Configuration:

Error Tracking:

Performance Tuning

Memory & CPU:

Lazy Loading:

External Services

S3 for Binary Data:

External Hooks:

Complete Production .env

Environment Variables Reference

Quick Reference Table:

Bài Tập Thực Hành

Key Takeaways

Tiếp Theo