# Multi-stage build: build from source with pnpm, turbo-based monorepo, and run from a slim Node image
# Builder stage: compile the project from source
FROM node:slim AS builder
# Install required build tools
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the specified pnpm globally (per blueprint)
RUN npm i -g pnpm@10.22.0
WORKDIR /workspace
# Copy only package manifest first to leverage caching, then install
COPY package.json ./
# Install dependencies for the whole monorepo
RUN pnpm install
# Copy the rest of the repository and build
COPY . .
RUN pnpm build
# Runtime stage: run the built project on a slim Node image
FROM node:slim
ENV NODE_ENV=production
WORKDIR /app
# Copy the built artifacts from the builder
COPY --from=builder /workspace /app
# Ensure proper permissions for the runtime user
RUN groupadd -r app && useradd -r -g app app && \
chown -R app:app /app
USER app
# Expose the common port used by n8n
EXPOSE 5678
# Start the application using the project's standard start flow
# This delegates to the existing start script, which in this repo is configured to launch n8n
CMD ["node", "scripts/os-normalize.mjs", "--dir", "packages/cli/bin", "n8n"]
# Docker build ignore file .git node_modules dist build coverage .vscode .idea .tmp *.log pnpm-lock.yaml .package-lock.json .dockerignore .docker .cache turbo-dist .npmrc .scripts-cache .env
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Multi-stage build: build from source with pnpm, turbo-based monorepo, and run from a slim Node image
# Builder stage: compile the project from source
FROM node:22-slim AS builder
# Install required build tools
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the specified pnpm globally (per blueprint)
RUN npm i -g pnpm@10.22.0
WORKDIR /workspace
# Copy the manifest first to leverage Docker cache during install
COPY package.json ./
# Install dependencies for the whole monorepo
RUN pnpm install
# Copy the rest of the repository and build
COPY . .
RUN pnpm build
# Runtime stage: run the built project on a slim Node image
FROM node:22-slim
ENV NODE_ENV=production
WORKDIR /app
# Copy the built artifacts from the builder
COPY --from=builder /workspace /app
# Ensure proper permissions for the runtime user
RUN groupadd -r app && useradd -r -g app app
USER app
# Expose the common port used by n8n
EXPOSE 5678
# Start the application using the project's standard start flow
CMD ["node", "scripts/os-normalize.mjs", "--dir", "packages/cli/bin", "n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Multi-stage build: build from source with pnpm, turbo-based monorepo, and run from a slim Node image
# Builder stage: compile the project from source
FROM node:22-slim AS builder
# Install required build tools
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the specified pnpm globally (per blueprint)
RUN npm i -g pnpm@10.22.0
WORKDIR /workspace
# Copy manifest files first to leverage Docker cache during install
COPY package.json pnpm-workspace.yaml* ./ 2>/dev/null || true
# Install dependencies for the whole monorepo
RUN pnpm install
# Copy the rest of the repository and build
COPY . .
RUN pnpm build
# Runtime stage: run the built project on a slim Node image
FROM node:22-slim
ENV NODE_ENV=production
WORKDIR /app
# Copy the built artifacts from the builder
COPY --from=builder /workspace /app
# Create a dedicated non-privileged user for runtime
RUN groupadd -r app && \
useradd -r -g app -d /app -s /bin/sh app
USER app
# Expose the common port used by n8n
EXPOSE 5678
# Start the application using the built n8n CLI
CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Multi-stage build: build from source with pnpm, turbo-based monorepo, and run from a slim Node image
# Builder stage: compile the project from source
FROM node:22-slim AS builder
# Install required build tools
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the specified pnpm globally (per blueprint)
RUN npm i -g pnpm@10.22.0
WORKDIR /workspace
# Copy manifest files first to leverage Docker cache during install
COPY package.json pnpm-workspace.yaml* ./ 2>/dev/null || true
# Install dependencies for the whole monorepo
RUN pnpm install
# Copy the rest of the repository and build
COPY . .
RUN pnpm build
# Runtime stage: run the built project on a slim Node image
FROM node:22-slim
ENV NODE_ENV=production
WORKDIR /app
# Copy the built artifacts from the builder
COPY --from=builder /workspace /app
# Create a dedicated non-privileged user for runtime
RUN groupadd -r app && \
useradd -r -g app -d /app -s /bin/sh app
USER app
# Expose the common port used by n8n
EXPOSE 5678
# Start the application using the built n8n CLI
CMD ["node", "scripts/os-normalize.mjs", "--dir", "packages/cli/bin", "n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Multi-stage build: build from source with pnpm, turbo-based monorepo, and run from a slim Node image
# Builder stage: compile the project from source
FROM node:22-slim AS builder
# Install required build tools
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the specified pnpm globally (per blueprint)
RUN npm i -g pnpm@10.22.0
WORKDIR /workspace
# Copy manifest files first to leverage Docker cache during install
COPY package.json ./
# Install dependencies for the whole monorepo
RUN pnpm install
# Copy the rest of the repository and build
COPY . .
RUN pnpm build
# Runtime stage: run the built project on a slim Node image
FROM node:22-slim
ENV NODE_ENV=production
WORKDIR /app
# Copy the built artifacts from the builder
COPY --from=builder /workspace /app
# Create a dedicated non-privileged user for runtime
RUN groupadd -r app && \
useradd -r -g app -d /app -s /bin/sh app
USER app
# Expose the common port used by n8n
EXPOSE 5678
# Start the application using the built n8n CLI
CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
FROM node:22-slim as builder
# Build stage: install dependencies, install pnpm, and build the monorepo from source
WORKDIR /app
# Install system dependencies required for building native modules
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Install the required pnpm version
RUN npm i -g pnpm@10.22.0
# Copy the repository into the build image
COPY . .
# Install dependencies deterministically when possible; fall back if necessary
RUN pnpm install --frozen-lockfile || pnpm install
# Build the project (turbo-based monorepo)
RUN pnpm build
# Runtime stage: run with a slim Node image
FROM node:22-slim
WORKDIR /app
# Copy built artifacts from the builder stage
COPY --from=builder /app /app
# Expose the application port
EXPOSE 5678
# Run the n8n CLI entrypoint when the container starts
USER node
CMD ["node", "packages/cli/bin/n8n"]
# Ignore node_modules and build artifacts in the repo node_modules dist build *.log .DS_Store .env .git
Concerns: No Dockerfile found at repo root
# Multi-stage Dockerfile to build and run n8n monorepo with turbo/pnpm
# Builder stage
FROM node:24-slim as builder
WORKDIR /app
# Install system dependencies required for building native modules
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
make \
g++ \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
# Ensure we have a known pnpm version
RUN npm i -g pnpm@10.22.0
# Copy repository and install dependencies deterministically
COPY . .
# Install dependencies (prefer frozen lockfile when available)
RUN pnpm install --frozen-lockfile || pnpm install
# Build the monorepo (turbo-based)
RUN pnpm build
# Runtime stage
FROM node:24-slim
ENV NODE_ENV=production
WORKDIR /app
# Copy built artifacts from builder
COPY --from=builder /app /app
# Ensure proper permissions for non-root user
RUN chown -R node:node /app
USER node
# Expose n8n default port
EXPOSE 5678
# Start the n8n server by invoking the CLI entry point
CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Build-stage: compile and build the monorepo from source FROM node:slim AS builder # Install build dependencies required for native addons RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Install a compatible pnpm version (as per repo engines) RUN npm i -g pnpm@10.22.0 # Working directory for build WORKDIR /work # Copy package manifest(s) first to leverage Docker cache COPY package.json pnpm-lock.yaml* ./ # Install dependencies for the whole monorepo RUN pnpm install # Copy the rest of the repository COPY . . # Build the project from source (turbo-based monorepo) RUN pnpm build # Runtime-stage: minimal Node.js base, with built artifacts copied in FROM node:slim WORKDIR /work # Copy built artifacts from the builder stage COPY --from=builder /work /work # Ensure runtime environment tools exist for any native addons that might be used at runtime RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Also ensure pnpm is available in the final image (in case scripts or start rely on it at runtime) RUN npm i -g pnpm@10.22.0 ENV NODE_ENV=production # Expose N8N's default HTTP port EXPOSE 5678 # Run the built CLI when the container starts. The repository provides a built entry at packages/cli/bin/n8n CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Build-stage: compile and build the monorepo from source FROM node:slim AS builder # Install build dependencies required for native addons RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Install a compatible pnpm version (as per repo engines) RUN npm i -g pnpm@10.22.0 # Working directory for build WORKDIR /work # Copy package manifest(s) first to leverage Docker cache COPY package.json pnpm-lock.yaml* ./ # Install dependencies for the whole monorepo RUN pnpm install # Copy the rest of the repository COPY . . # Build the project from source (turbo-based monorepo) RUN pnpm build # Prune dev dependencies to reduce runtime image size RUN pnpm prune --prod # Runtime-stage: minimal Node.js base, with built artifacts copied in FROM node:slim WORKDIR /work # Copy built artifacts from the builder stage COPY --from=builder /work /work # Runtime dependencies are intentionally not installed here to keep image lean. # The built node_modules contain production-only dependencies. ENV NODE_ENV=production # Expose N8N's default HTTP port EXPOSE 5678 # Run the built CLI when the container starts. The repository provides a built entry at packages/cli/bin/n8n CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
.git node_modules dist build coverage .vite .vscode .env .DS_Store npm-debug.log pnpm-lock.yaml package-lock.json .yarn-lock .yarn/** /.cache /pnpm-store
# General ignores .git node_modules dist build coverage .vite .env .DS_Store npm-debug.log package-lock.json pnpm-lock.yaml .yarn-cache .npmrc .cache */tmp/*
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Build-stage: compile and build the monorepo from source FROM node:24.13.1-slim AS builder # Install build dependencies required for native addons RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Install a compatible pnpm version (as per repo engines) RUN npm i -g pnpm@10.22.0 # Working directory for build WORKDIR /work # Copy package manifest first to leverage Docker cache COPY package.json ./ # Install dependencies for the whole monorepo RUN pnpm install # Copy the rest of the repository COPY . . # Build the project from source (turbo-based monorepo) RUN pnpm build # Runtime-stage: minimal Node.js base, with built artifacts copied in FROM node:24.13.1-slim WORKDIR /work # Copy built artifacts from the builder stage COPY --from=builder /work /work ENV NODE_ENV=production # Expose N8N's default HTTP port EXPOSE 5678 # Run the built CLI when the container starts. The repository provides a built entry at packages/cli/bin/n8n CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
pnpm-workspace.yaml
- Packages (globs) - packages/* - packages/@n8n/* - packages/frontend/** - packages/extensions/** - packages/testing/** - Catalog (selected entries; large list of package: version pairs) - '@codemirror/autocomplete': 6.20.0 - '@codemirror/commands': 6.10.1 - '@codemirror/lang-css': 6.3.1 - '@codemirror/lang-javascript': 6.2.4 - '@codemirror/lang-json': 6.0.2 - '@codemirror/lang-python': 6.2.1 - '@codemirror/language': 6.12.1 - '@codemirror/lint': 6.9.2 - '@codemirror/search': 6.5.11 - '@codemirror/state': 6.5.3 - '@codemirror/view': 6.39.8 - '@lezer/common': 1.5.0 - '@lezer/css': 1.3.0 - '@lezer/highlight': 1.2.3 - '@lezer/html': 1.3.13 - '@lezer/javascript': 1.5.4 - '@lezer/generator': 1.8.0 - '@lezer/lr': 1.4.5 - '@azure/identity': 4.13.0 - '@langchain/anthropic': 1.1.3 - '@langchain/community': 1.1.14 - '@langchain/core': 1.1.31 - '@langchain/openai': 1.1.3 - '@n8n/typeorm': 0.3.20-16 - '@n8n_io/ai-assistant-sdk': 1.20.0 - '@sentry/node': ^10.36.0 - '@types/basic-auth': ^1.1.3 - '@types/express': ^5.0.1 - '@types/jsonwebtoken': 9.0.10 - '@types/lodash': 4.17.17 - '@types/mime-types': 3.0.1 - '@types/uuid': ^10.0.0 - '@types/xml2js': ^0.4.14 - '@vitest/coverage-v8': 3.2.4 - axios: 1.13.5 - basic-auth: 2.0.1 - callsites: 3.1.0 - chokidar: 4.0.3 - eslint: 9.29.0 - fast-glob: 3.2.12 - fastest-levenshtein: 1.0.16 - flatted: 3.2.7 - form-data: 4.0.4 - http-proxy-agent: 7.0.2 - https-proxy-agent: 7.0.6 - iconv-lite: 0.6.3 - js-base64: 3.7.2 - jsonrepair: 3.13.2 - jsonwebtoken: 9.0.3 - kafkajs: 2.2.4 - langchain: 1.2.30 - lodash: 4.17.23 - luxon: 3.7.2 - mime-types: 3.0.2 - mysql2: 3.17.0 - nanoid: 3.3.8 - nodemailer: 7.0.11 - pg: 8.17.0 - picocolors: 1.0.1 - reflect-metadata: 0.2.2 - rimraf: 6.0.1 - simple-git: 3.32.3 - stream-json: 1.9.1 - tsdown: ^0.16.5 - ts-morph: ^27.0.2 - tsx: ^4.19.3 - typescript: 5.9.2 - uuid: 10.0.0 - vite: npm:rolldown-vite@latest - vm2: ^3.10.5 - vite-plugin-dts: ^4.5.4 - vitest: ^3.1.3 - vitest-mock-extended: ^3.1.0 - xml2js: 0.6.2 - xss: 1.0.15 - zod: 3.25.67 - zod-to-json-schema: 3.23.3 - js-tiktoken: 1.0.12 - Catalogs frontend: - '@sentry/vue': ^10.36.0 - '@testing-library/jest-dom': ^6.6.3 - '@testing-library/user-event': ^14.6.1 - '@testing-library/vue': ^8.1.0 - '@vitejs/plugin-vue': ^5.2.4 - '@vue/test-utils': ^2.4.6 - '@vue/tsconfig': ^0.7.0 - '@vueuse/core': ^10.11.0 - element-plus: 2.4.3 - highlight.js: 11.8.0 - pinia: ^2.2.4 - unplugin-icons: ^0.19.0 - vite-svg-loader: 5.1.0 - vue: ^3.5.13 - vue-i18n: ^11.1.2 - vue-markdown-render: ^2.2.1 - vue-router: ^4.5.0 - vue-tsc: ^2.2.8 storybook: - '@chromatic-com/storybook': ^4.1.3 - '@storybook/addon-a11y': ^10.1.11 - '@storybook/addon-docs': ^10.1.11 - '@storybook/addon-themes': ^10.1.11 - '@storybook/addon-vitest': ^10.1.11 - '@storybook/vue3-vite': ^10.1.11 - eslint-plugin-storybook: ^10.1.11 - storybook: ^10.1.11 e2e: - '@playwright/cli': 0.1.0 - '@playwright/test': 1.58.0 - '@currents/playwright': ^1.15.3 - eslint-plugin-playwright: 2.2.2 - playwright: 1.58.0 - playwright-core: 1.58.0 sentry: - '@sentry/node': '^10.36.0' - '@sentry/node-native': '^10.36.0' - '@sentry/profiling-node': '^10.36.0' - minimumReleaseAge: 4320 - minimumReleaseAgeExclude - '@isaacs/brace-expansion' - '@n8n/*' - '@n8n_io/*' - 'tsdown@0.16.5' - eslint-plugin-storybook - eslint-plugin-n8n-nodes-base - '@langchain/*' - 'langchain' - '@anthropic-ai/sdk' - '@google/generative-ai' - '@google/genai' - body-parser - node-forge - vm2 - tar - qs - ajv - bn.js - fast-xml-parser - '@hono/node-server' - express-rate-limit - hono - minimatch - multer - simple-git - underscore
# Build-stage: compile and build the monorepo from source FROM node:24.13.1-slim AS builder # Install build dependencies required for native addons RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Install a compatible pnpm version (as per repo engines) RUN npm i -g pnpm@10.22.0 # Working directory for build WORKDIR /work # Copy workspace manifests first to leverage Docker cache COPY package.json pnpm-lock.yaml* pnpm-workspace.yaml ./ # Install dependencies for the whole monorepo RUN pnpm install # Copy the rest of the repository COPY . . # Build the project from source (turbo-based monorepo) RUN pnpm build # Prune dev dependencies to reduce runtime image size RUN pnpm prune --prod # Runtime-stage: minimal Node.js base, with built artifacts copied in FROM node:24.13.1-slim WORKDIR /work # Copy built artifacts from the builder stage COPY --from=builder /work /work ENV NODE_ENV=production # Expose N8N's default HTTP port EXPOSE 5678 # Run the built CLI when the container starts. The repository provides a built entry at packages/cli/bin/n8n CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock
# Build-stage: compile and build the monorepo from source FROM node:24.13.1-slim AS builder # Install build dependencies required for native addons RUN apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* # Install a compatible pnpm version (as per repo engines) RUN npm i -g pnpm@10.22.0 # Working directory for build WORKDIR /work # Copy workspace manifests first to leverage Docker cache COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./ # Install dependencies for the whole monorepo RUN pnpm install # Copy the rest of the repository COPY . . # Build the project from source (turbo-based monorepo) RUN pnpm build # Prune dev dependencies to reduce runtime image size RUN pnpm prune --prod # Runtime-stage: minimal Node.js base, with built artifacts copied in FROM node:24.13.1-slim WORKDIR /work # Copy built artifacts from the builder stage COPY --from=builder /work /work # Create a non-root user for running the app RUN groupadd -r app && useradd -r -g app app RUN mkdir -p /work && chown -R app:app /work USER app ENV NODE_ENV=production # Expose N8N's default HTTP port EXPOSE 5678 # Run the built CLI when the container starts. The repository provides a built entry at packages/cli/bin/n8n CMD ["node", "packages/cli/bin/n8n"]
ERROR: permission denied while trying to connect to the docker API at unix:///var/run/docker.sock