2025-08-23
I recently set up n8n, a powerful workflow automation platform, on my local PC and made it accessible via my custom domain using Cloudflare Tunnels. This setup gives me a secure, always-on automation platform without exposing ports or dealing with traditional VPN configurations.
n8n is an open-source workflow automation tool that's essentially a self-hosted alternative to services like Zapier or Make. What drew me to it was the ability to host it myself, have complete control over my data, and create complex automations without monthly subscription fees.
I've been exploring workflow automation as a way to streamline repetitive tasks and integrate different services I use. Being able to self-host this on my own infrastructure means I can experiment freely and build automations that connect to internal services running on my network.
The main challenge with self-hosting any application is making it securely accessible from outside your local network. Traditional approaches involve:
I wanted something more elegant that provided HTTPS by default and didn't require opening ports on my router.
Cloudflare Tunnels (part of Cloudflare Zero Trust) creates a secure, outbound-only connection from your local network to Cloudflare's edge. Your application connects to Cloudflare rather than the internet connecting to you—meaning no open ports and no exposed IP address.
The setup is surprisingly straightforward:
First, I set up Cloudflare Zero Trust and created a tunnel. This generates a token that identifies your tunnel to Cloudflare's network. The Zero Trust dashboard makes this process intuitive—you define which internal service you want to expose and what domain/subdomain should point to it.
Rather than installing the Cloudflare daemon directly on my host, I ran it as a Docker container. This keeps everything containerized and makes the setup reproducible.
The tunnel establishes an outbound connection to Cloudflare and waits for incoming requests to route back to my local services.
With the tunnel ready, I deployed n8n using Docker with persistent storage.
The key here is mounting a volume for persistent storage—this ensures workflows, credentials, and configurations survive container restarts.
In the Cloudflare Zero Trust dashboard, I configured the tunnel to route traffic from my custom domain (for example n8n.amri.dev) to localhost:5678 where n8n is running. Cloudflare automatically handles SSL/TLS certificates, so the connection is HTTPS by default.
Now I have n8n accessible from anywhere via a proper domain with HTTPS, without exposing any ports or setting up complex networking. Some automations I'm building:
The beauty of this setup is that n8n can connect to both external APIs and internal services on my network—making it a powerful bridge between the public internet and my local infrastructure.
This project reinforced a few important concepts:
Containerization is powerful - Having both n8n and the Cloudflare tunnel in containers makes the setup clean, reproducible, and easy to maintain. If something breaks, I can tear it down and recreate it in minutes.
Zero Trust is the future - Traditional security models of "inside vs outside the network" are giving way to Zero Trust approaches where you verify every connection. Cloudflare Tunnels embody this—there's no implicit trust just because something is on your network.
Self-hosting gives you control - While cloud services are convenient, self-hosting means I own my data, can customize everything, and don't have usage limits or monthly fees. For learning and experimentation, this is invaluable.
With n8n running and accessible, I'm planning to:
If you're interested in workflow automation or self-hosting, I highly recommend trying out n8n. The combination with Cloudflare Tunnels creates a secure, professional setup that's surprisingly easy to maintain.
Tech Stack: Docker, n8n, Cloudflare Zero Trust, Cloudflare Tunnels