k8s/apps/n8n/deployment-main.yaml

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: n8n-main
  labels:
    app: n8n
    component: main
spec:
  replicas: 1
  selector:
    matchLabels:
      app: n8n
      component: main
  template:
    metadata:
      labels:
        app: n8n
        component: main
    spec:
      serviceAccountName: n8n
      initContainers:
      - name: install-tools
        image: alpine:3.22
        command:
        - /bin/sh
        - -c
        - |
          set -e
          if [ -x /tools/kubectl ]; then
            echo "kubectl already exists, skipping download"
            /tools/kubectl version --client
            exit 0
          fi
          echo "Downloading kubectl..."
          ARCH=$(uname -m)
          case $ARCH in
            x86_64) ARCH="amd64" ;;
            aarch64) ARCH="arm64" ;;
          esac
          wget -O /tools/kubectl "https://dl.k8s.io/release/$(wget -qO- https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl"
          chmod +x /tools/kubectl
          /tools/kubectl version --client
        volumeMounts:
        - name: tools
          mountPath: /tools
        securityContext:
          runAsUser: 1000
          runAsGroup: 1000
          runAsNonRoot: true
      containers:
      - name: n8n
        image: docker.n8n.io/n8nio/n8n:latest
        ports:
        - containerPort: 5678
          name: http
        env:
        - name: PATH
          value: "/opt/tools:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
        - name: HOME
          value: "/home/node"
        - name: N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS
          value: "true"
        - name: NODES_EXCLUDE
          value: "[]"
        - name: N8N_HOST
          value: "n8n.hexor.cy"
        - name: N8N_PORT
          value: "5678"
        - name: N8N_PROTOCOL
          value: "https"
        - name: N8N_RUNNERS_ENABLED
          value: "true"
        - name: N8N_RUNNERS_MODE
          value: "external"
        - name: EXECUTIONS_MODE
          value: "queue"
        - name: QUEUE_BULL_REDIS_HOST
          value: "n8n-redis"
        - name: NODE_ENV
          value: "production"
        - name: WEBHOOK_URL
          value: "https://n8n.hexor.cy/"
        - name: GENERIC_TIMEZONE
          value: "Europe/Moscow"
        - name: TZ
          value: "Europe/Moscow"
        - name: DB_TYPE
          value: "postgresdb"
        - name: DB_POSTGRESDB_HOST
          value: "psql.psql.svc"
        - name: DB_POSTGRESDB_DATABASE
          value: "n8n"
        - name: DB_POSTGRESDB_USER
          valueFrom:
            secretKeyRef:
              name: credentials
              key: username
        - name: DB_POSTGRESDB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: credentials
              key: password
        - name: N8N_ENCRYPTION_KEY
          valueFrom:
            secretKeyRef:
              name: credentials
              key: encryptionkey
        - name: N8N_RUNNERS_AUTH_TOKEN
          valueFrom:
            secretKeyRef:
              name: credentials
              key: runnertoken
        volumeMounts:
        - name: n8n-data
          mountPath: /home/node/.n8n
        - name: tools
          mountPath: /opt/tools
        resources:
          requests:
            cpu: 2000m
            memory: 512Mi
          limits:
            cpu: 4000m
            memory: 2048Gi
        livenessProbe:
          httpGet:
            path: /healthz
            port: http
          initialDelaySeconds: 120
          periodSeconds: 30
          timeoutSeconds: 10
          failureThreshold: 6
        readinessProbe:
          httpGet:
            path: /healthz/readiness
            port: http
          initialDelaySeconds: 60
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 10
      volumes:
      - name: n8n-data
        persistentVolumeClaim:
          claimName: n8n-data
      - name: tools
        persistentVolumeClaim:
          claimName: n8n-tools
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        runAsNonRoot: true
        fsGroup: 1000
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`---`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: n8n-main`
			`labels:`
			`app: n8n`
			`component: main`
			`spec:`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: n8n`
			`component: main`
			`template:`
			`metadata:`
			`labels:`
			`app: n8n`
			`component: main`
			`spec:`
moved to manifests from chart 2026-02-05 19:06:55 +02:00			`serviceAccountName: n8n`
Added kubectl to n8n 2026-02-08 01:35:26 +02:00			`initContainers:`
			`- name: install-tools`
			`image: alpine:3.22`
			`command:`
			`- /bin/sh`
			`- -c`
			`- \|`
			`set -e`
			`if [ -x /tools/kubectl ]; then`
			`echo "kubectl already exists, skipping download"`
			`/tools/kubectl version --client`
			`exit 0`
			`fi`
			`echo "Downloading kubectl..."`
			`ARCH=$(uname -m)`
			`case $ARCH in`
			`x86_64) ARCH="amd64" ;;`
			`aarch64) ARCH="arm64" ;;`
			`esac`
			`wget -O /tools/kubectl "https://dl.k8s.io/release/$(wget -qO- https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl"`
			`chmod +x /tools/kubectl`
			`/tools/kubectl version --client`
			`volumeMounts:`
			`- name: tools`
			`mountPath: /tools`
			`securityContext:`
			`runAsUser: 1000`
			`runAsGroup: 1000`
			`runAsNonRoot: true`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`containers:`
			`- name: n8n`
			`image: docker.n8n.io/n8nio/n8n:latest`
			`ports:`
			`- containerPort: 5678`
			`name: http`
			`env:`
Added kubectl to n8n 2026-02-08 01:35:26 +02:00			`- name: PATH`
			`value: "/opt/tools:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"`
moved to manifests from chart 2026-02-05 17:55:41 +02:00			`- name: HOME`
			`value: "/home/node"`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`- name: N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS`
			`value: "true"`
moved to manifests from chart 2026-02-05 18:43:04 +02:00			`- name: NODES_EXCLUDE`
			`value: "[]"`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`- name: N8N_HOST`
			`value: "n8n.hexor.cy"`
			`- name: N8N_PORT`
			`value: "5678"`
			`- name: N8N_PROTOCOL`
			`value: "https"`
			`- name: N8N_RUNNERS_ENABLED`
			`value: "true"`
			`- name: N8N_RUNNERS_MODE`
			`value: "external"`
			`- name: EXECUTIONS_MODE`
			`value: "queue"`
			`- name: QUEUE_BULL_REDIS_HOST`
			`value: "n8n-redis"`
			`- name: NODE_ENV`
			`value: "production"`
			`- name: WEBHOOK_URL`
			`value: "https://n8n.hexor.cy/"`
			`- name: GENERIC_TIMEZONE`
			`value: "Europe/Moscow"`
			`- name: TZ`
			`value: "Europe/Moscow"`
			`- name: DB_TYPE`
			`value: "postgresdb"`
			`- name: DB_POSTGRESDB_HOST`
			`value: "psql.psql.svc"`
			`- name: DB_POSTGRESDB_DATABASE`
			`value: "n8n"`
			`- name: DB_POSTGRESDB_USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: credentials`
			`key: username`
			`- name: DB_POSTGRESDB_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: credentials`
			`key: password`
			`- name: N8N_ENCRYPTION_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: credentials`
			`key: encryptionkey`
moved to manifests from chart 2026-02-05 18:15:37 +02:00			`- name: N8N_RUNNERS_AUTH_TOKEN`
			`valueFrom:`
			`secretKeyRef:`
			`name: credentials`
			`key: runnertoken`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`volumeMounts:`
			`- name: n8n-data`
			`mountPath: /home/node/.n8n`
Added kubectl to n8n 2026-02-08 01:35:26 +02:00			`- name: tools`
			`mountPath: /opt/tools`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`resources:`
			`requests:`
Update k8s/apps/n8n/deployment-main.yaml 2026-02-06 12:56:10 +00:00			`cpu: 2000m`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`memory: 512Mi`
Update k8s/apps/n8n/deployment-main.yaml 2026-02-06 12:56:10 +00:00			`limits:`
			`cpu: 4000m`
			`memory: 2048Gi`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`livenessProbe:`
			`httpGet:`
			`path: /healthz`
			`port: http`
			`initialDelaySeconds: 120`
			`periodSeconds: 30`
			`timeoutSeconds: 10`
			`failureThreshold: 6`
			`readinessProbe:`
			`httpGet:`
			`path: /healthz/readiness`
			`port: http`
			`initialDelaySeconds: 60`
			`periodSeconds: 10`
			`timeoutSeconds: 5`
			`failureThreshold: 10`
			`volumes:`
			`- name: n8n-data`
			`persistentVolumeClaim:`
			`claimName: n8n-data`
Added kubectl to n8n 2026-02-08 01:35:26 +02:00			`- name: tools`
			`persistentVolumeClaim:`
			`claimName: n8n-tools`
moved to manifests from chart 2026-02-05 17:39:42 +02:00			`securityContext:`
moved to manifests from chart 2026-02-05 17:57:22 +02:00			`runAsUser: 1000`
			`runAsGroup: 1000`
moved to manifests from chart 2026-02-05 17:47:38 +02:00			`runAsNonRoot: true`
moved to manifests from chart 2026-02-05 17:57:22 +02:00			`fsGroup: 1000`