Automate n8n Backups: Secure Your Workflows with GitHub

By Tomer Klein

In the realm of automation, n8n stands out as a powerful tool for creating complex workflows with ease. However, as with any system, safeguarding your configurations is paramount. Imagine losing all your meticulously crafted workflows and credentials due to an unforeseen error. To prevent such scenarios, automating backups becomes essential.

This article delves into a robust method for backing up your n8n workflows and credentials using Git, ensuring your automation efforts are securely version-controlled and fully recoverable.

Why Automate n8n Backups?

Manual backups are prone to oversight and can be time-consuming. Automating the backup process offers several advantages:

• Consistency: Regular backups without manual intervention.
• Version Control: Track changes over time, revert to previous states, and collaborate effectively.
• Security: Safeguard against data loss due to system failures or human errors. n8n Community+1n8n+1GitHub

By integrating Git into your backup strategy, you leverage a proven system for tracking and managing changes.

Setting Up Automated Backups with GitHub

The n8n community provides a workflow template designed to automate the backup of workflows and credentials to a Git repository. This setup ensures that only changes trigger commits, maintaining a clean and efficient version history.

Prerequisites

• Server Access: Ensure you have access to the server where n8n is hosted.
• Git Repository: Create a remote repository on platforms like GitHub or GitLab.
• Git Configuration: Set up Git on your server with appropriate user credentials.

Setting up the Backup

Step 1: Prepare the container

It’s highly recommended to use a persistent volume to prevent SSH key loss during container update or re-creation. To do so, add the following line to your Docker-Compose file under the volumes section:

- ./n8n/.ssh:/home/node/.ssh
- ./n8n/backup:/home/node/backup        

And run the following command to apply the changes:

docker-compose up -d        

Step 2: Create SSH keys to connect to your repo

First, on the host machine, run the following command to create the ssh keys:

ssh-keygen -t rsa -b 4096 -f ./n8n/.ssh/id_rsa        

The output should look like the following:

Two files will be created under this path:

• Private key: id_rsa
• Public key: id_rsa.pub

Create an empty file named “known_hosts”:

touch n8n/.ssh/known_hosts        

And then set the correct permissions to allow the container to use it:

sudo chown 1000:1000 ./n8n/.ssh/id_rsa 
sudo chown 1000:1000 ./n8n/.ssh/id_rsa.pub 
sudo chown 1000:1000 ./n8n/.ssh/known_hosts        

Copy the content of the “id_rsa.pub” and add it to your GitHub SSH keys under settings:

Click on “New SSH key”:

Give it a title, paste the key to the textbox, and click on “Add SSH key.”

Step 3: Clone the repository and prepare it for first use

First, let’s set the permissions of the backup folder using the following command on the host machine:

sudo chown -R 1000:1000 ./n8n/backup/        

Restart the container to apply the changes.

sudo docker restart n8n        

Now run the following command to clone the repo:

docker exec -it n8n git clone git@github.com:yourusername/your-n8n-backups.git /home/node/backup/repo        

Now, run the following commands to configure your repo for the first time:

#Configure username and email:
docker exec -it n8n git -C backup/repo config user.name "Your name"
docker exec -it n8n git -C backup/repo config user.email "Your email address"

#Push empty commit for testing:
docker exec -it n8n git -C backup/repo commit --allow-empty -m "Initial commit"
docker exec -it n8n git -C backup/repo push -u origin main        

If everything is ok and no error occurred, we can now set the backup workflow.

Step 4: Setting up the backup flow

Log on to your n8n instance and create a new flow:

Now, copy the following JSON:

{
  "id": "15",
  "name": "Tools / Backup Gitlab",
  "nodes": [
    {
      "name": "On clicking 'execute'",
      "type": "n8n-nodes-base.manualTrigger",
      "position": [
        250,
        400
      ],
      "parameters": {},
      "typeVersion": 1
    },
    {
      "name": "Export Workflows",
      "type": "n8n-nodes-base.executeCommand",
      "position": [
        450,
        300
      ],
      "parameters": {
        "command": "npx n8n export:workflow --backup --output repo/workflows/"
      },
      "typeVersion": 1
    },
    {
      "name": "Export Credentials",
      "type": "n8n-nodes-base.executeCommand",
      "position": [
        600,
        300
      ],
      "parameters": {
        "command": "npx n8n export:credentials --backup --output repo/credentials/"
      },
      "typeVersion": 1
    },
    {
      "name": "git add",
      "type": "n8n-nodes-base.executeCommand",
      "position": [
        750,
        300
      ],
      "parameters": {
        "command": "git -C repo add ."
      },
      "typeVersion": 1
    },
    {
      "name": "git commit",
      "type": "n8n-nodes-base.executeCommand",
      "position": [
        900,
        300
      ],
      "parameters": {
        "command": "=git -C repo commit -m "Auto backup ({{ new Date().toISOString() }})""
      },
      "typeVersion": 1
    },
    {
      "name": "git push",
      "type": "n8n-nodes-base.executeCommand",
      "position": [
        1050,
        300
      ],
      "parameters": {
        "command": "git -C repo push"
      },
      "typeVersion": 1
    },
    {
      "name": "Cron",
      "type": "n8n-nodes-base.cron",
      "position": [
        250,
        200
      ],
      "parameters": {
        "triggerTimes": {
          "item": [
            {
              "hour": 0
            },
            {
              "hour": 12
            },
            {
              "hour": 6
            },
            {
              "hour": 18
            }
          ]
        }
      },
      "typeVersion": 1
    }
  ],
  "active": true,
  "settings": {},
  "connections": {
    "Cron": {
      "main": [
        [
          {
            "node": "Export Workflows",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "git add": {
      "main": [
        [
          {
            "node": "git commit",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "git commit": {
      "main": [
        [
          {
            "node": "git push",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "Export Workflows": {
      "main": [
        [
          {
            "node": "Export Credentials",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "Export Credentials": {
      "main": [
        [
          {
            "node": "git add",
            "type": "main",
            "index": 0
          }
        ]
      ]
    },
    "On clicking 'execute'": {
      "main": [
        [
          {
            "node": "Export Workflows",
            "type": "main",
            "index": 0
          }
        ]
      ]
    }
  }
}        

And paste it into your newly created flow. The flow should look like this:

As you can see, there are two triggers:

• Cron-based trigger runs every midnight.
• Manual trigger.

Click on “Test workflow” to verify it’s working as expected. Once the flow is done running, you will be able to see your backup files in your GitHub repo:

 Credentials

For security reasons, the exported credentials are encrypted. In order to restore the credentials after system reinstallation, you must save the current encryption key, located in the config file:

{
 "encryptionKey": "Houston, we have a problem"
}        

Wrapping up

Automating n8n backups with GitHub gives you bulletproof automation resilience. Your workflows and credentials are safe, versioned, and easily restorable. This setup is easy to implement, requires little maintenance, and scales from solo makers to enterprise teams.

More about the topic coming soon - don't forget to subscribe!