Add N8N and network changes

install.sh

@@ -83,19 +83,18 @@ if [ "$(pwd)" != "$HOME/dotfiles" ]; then
    sudo apt update
    sudo apt install -y git
    if ! git clone https://git.trude.dev/trude/dotfiles --depth 1; then
-      echo "${RED}Error cloning dotfiles repository. Exiting...${NC}"
+      echo "${RED}Error cloning dotfiles repository. Update skipped...${NC}"
-      exit 2
    fi
    cd dotfiles || exit
    echo "${GREEN}dotfiles repository cloned successfully.${NC}"
-else
+# else
-   echo "${YELLOW}Updating dotfiles repository...${NC}"
+#    echo "${YELLOW}Updating dotfiles repository...${NC}"
-   pull_output=$(git pull)
+#    pull_output=$(git pull)
-   echo "$pull_output"
+#    echo "$pull_output"
-   if ! echo "$pull_output" | grep -q "Already up to date."; then
+#    if ! echo "$pull_output" | grep -q "Already up to date."; then
-      echo "${YELLOW}Changes detected. Re-running script...${NC}"
+#       echo "${YELLOW}Changes detected. Re-running script...${NC}"
-      exec "$0" "$@"
+#       exec "$0" "$@"
-   fi
+#    fi
 fi
 
 mkdir -p "$HOME/dotfiles/logs"

server/docker-compose.yml

@@ -18,10 +18,12 @@ services:
     volumes:
       - ${NGINX_DATA}:/data
       - ${NGINX_LETSENCRYPT}:/etc/letsencrypt
+    networks:
+      - server-network
 
   # --- Immich Server ---
-  immich-server:
+  immich-server: # immich-server:2283
-    container_name: immich_server
+    container_name: immich-server
     image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
     # extends:
     #   file: hwaccel.transcoding.yml
@@ -32,17 +34,17 @@ services:
       - /etc/localtime:/etc/localtime:ro
     env_file:
       - .env
-    ports:
-      - "2283:2283"
     depends_on:
       - redis
       - database
-    restart: always
+    restart: unless-stopped
     healthcheck:
       disable: false
+    networks:
+      - server-network
 
   immich-machine-learning:
-    container_name: immich_machine_learning
+    container_name: immich-machine-learning
     # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
     # Example tag: ${IMMICH_VERSION:-release}-cuda
     image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
@@ -53,19 +55,23 @@ services:
       - model-cache:/cache
     env_file:
       - .env
-    restart: always
+    restart: unless-stopped
     healthcheck:
       disable: false
+    networks:
+      - server-network
 
   redis:
-    container_name: immich_redis
+    container_name: immich-redis
     image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
     healthcheck:
       test: redis-cli ping || exit 1
-    restart: always
+    restart: unless-stopped
+    networks:
+      - server-network
 
   database:
-    container_name: immich_postgres
+    container_name: immich-postgres
     image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0
     environment:
       POSTGRES_PASSWORD: ${IMMICH_DB_PASSWORD}
@@ -77,7 +83,9 @@ services:
     volumes:
       # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
       - ${IMMICH_DB_DATA_LOCATION}:/var/lib/postgresql/data
-    restart: always
+    restart: unless-stopped
+    networks:
+      - server-network
 
   # --- Home Assistant ---
   homeassistant:
@@ -196,7 +204,7 @@ services:
   #   restart: unless-stopped
 
   # --- File Browser ---
-  filebrowser:
+  filebrowser: # Replace with nextcloud
     image: filebrowser/filebrowser:latest
     container_name: filebrowser
     restart: unless-stopped
@@ -241,5 +249,33 @@ services:
     env_file:
       - .env
 
+  # --- N8n Automation ---
+  n8n:
+    image: n8nio/n8n:latest
+    restart: always
+    # N8n will not be directly exposed to the host, Nginx Proxy Manager will proxy to it
+    # Therefore, no 'ports' mapping is needed here for external access.
+    # It will be accessible on the Docker network by Nginx Proxy Manager.
+    environment:
+      - N8N_HOST=${N8N_HOST}
+      - N8N_PORT=5678
+      - N8N_PROTOCOL=https # Nginx Proxy Manager will handle HTTPS
+      - NODE_ENV=production
+      - WEBHOOK_URL=https://${N8N_HOST}/
+      - GENERIC_TIMEZONE=${TZ}
+      - N8N_RUNNERS_ENABLED=true
+      - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true
+    volumes:
+      - ${N8N_DATA}:/home/node/.n8n
+      - ${N8N_FILES}:/files
+    env_file:
+      - .env
+
 volumes:
   model-cache:
+
+networks:
+  server-network:
+    driver: bridge
+  homeassistant-network:
+    driver: bridge

server/domains.md

@@ -10,6 +10,7 @@
   - muc.trude.dev    (group chats)
   - share.trude.dev  (file sharing)
   - proxy.trude.dev  (compatibility)
+- n8n.trude.dev
 
 ## Tailscale Access / Local
 

server/install-docker.sh

@@ -37,3 +37,7 @@ sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin d
 
 echo "Docker installation complete!"
 docker --version
+
+echo "Allowing Docker use without sudo..."
+sudo usermod -aG docker ${USER}
+exec sg docker newgrp