# 1. 独立的命名空间 apiVersion: v1 kind: Namespace metadata: name: n8n-system --- # 2. 数据持久化 (保存工作流和账号信息) apiVersion: v1 kind: PersistentVolumeClaim metadata: name: n8n-pvc namespace: n8n-system spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 5Gi --- # 3. 核心应用 apiVersion: apps/v1 kind: Deployment metadata: name: n8n namespace: n8n-system labels: app: n8n spec: replicas: 1 selector: matchLabels: app: n8n template: metadata: labels: app: n8n spec: securityContext: fsGroup: 1000 containers: - name: n8n image: n8nio/n8n:latest securityContext: runAsUser: 1000 runAsGroup: 1000 ports: - containerPort: 5678 env: # ▼▼▼ 关键配置 ▼▼▼ - name: N8N_HOST value: "n8n.u9.net3w.com" - name: N8N_PORT value: "5678" - name: N8N_PROTOCOL value: "https" - name: WEBHOOK_URL value: "https://n8n.u9.net3w.com/" # 时区设置 (方便定时任务) - name: GENERIC_TIMEZONE value: "Asia/Shanghai" - name: TZ value: "Asia/Shanghai" # 禁用 n8n 的一些统计收集 - name: N8N_DIAGNOSTICS_ENABLED value: "false" volumeMounts: - name: data mountPath: /home/node/.n8n volumes: - name: data persistentVolumeClaim: claimName: n8n-pvc --- # 4. 服务暴露 apiVersion: v1 kind: Service metadata: name: n8n-service namespace: n8n-system spec: selector: app: n8n ports: - protocol: TCP port: 80 targetPort: 5678 --- # 5. Ingress (自动 HTTPS) apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: n8n-ingress namespace: n8n-system annotations: cert-manager.io/cluster-issuer: letsencrypt-prod spec: tls: - hosts: - n8n.u9.net3w.com secretName: n8n-tls rules: - host: n8n.u9.net3w.com http: paths: - path: / pathType: Prefix backend: service: name: n8n-service port: number: 80