Skip to main content

n8n Docker - Update on Ubuntu 24.04 VPS

Safely update an existing n8n Docker setup while keeping workflows credentials and data intact.

Daniel avatar
Written by Daniel
Updated this week

If you’re running n8n on a LumaDock VPS using Docker, updates are simple but only if the encryption key and data volume are handled correctly.

This guide shows the exact process to update n8n on Ubuntu 24.04 without losing workflows credentials or executions.

You can skip all manual steps by deploying our n8n-ready VPS image during the purchase process or from the LumaDock control panel.

Assumptions

This guide applies to the following setup:

  • Ubuntu 24.04 on a LumaDock VPS

  • n8n installed using Docker and Docker Compose

  • n8n exposed on port 5678

  • Data stored in a Docker volume named n8n_data

If your setup differs, review each step carefully before running commands.

Confirm n8n is running in Docker

Start by checking that n8n is actually running as a Docker container.

Step 1 – Check running containers

docker ps | grep n8n

If you see an n8n container listed, you’re good to continue. This confirms the installation is Docker-based and not managed by npm or systemd.

Locate your docker-compose.yml file

Docker Compose commands must always be executed from the directory that contains docker-compose.yml.

Step 2 – Find the Compose file

find / -name docker-compose.yml 2>/dev/null

Most setups place it under /root/n8n. Once found, move into that directory:

cd /root/n8n

If you run Compose commands from the wrong path, Docker won’t touch the correct container or volumes.

Back up the n8n data volume

This is the most important step. Do not skip it.

Step 3 – Create a full volume backup

Run the commands below one by one, exactly as shown. Do not copy-paste them as a single command.

docker run --rm \
   -v n8n_data:/data \
   -v $PWD:/backup \
   alpine tar czf /backup/n8n-backup-$(date +%F).tar.gz /data

This backup includes workflows credentials executions and any binary data stored by n8n. If anything goes wrong, this archive is your safety net.

Recover the existing encryption key

n8n encrypts all credentials using a single key. Losing or changing this key permanently breaks access to saved secrets.

Step 4 – Read the current encryption key

docker exec -it n8n-n8n-1 sh -lc 'cat /home/node/.n8n/config'

You’ll see output similar to:

{   "encryptionKey": "YOUR_EXISTING_KEY" }

Copy the value of encryptionKey and save it somewhere safe for the next steps.

Persist the encryption key

This step makes the encryption key persistent by defining it in docker-compose.yml.

You will open docker-compose.yml and replace the entire file content.

Step 5 – Persist the encryption key in docker-compose.yml

Step 5.1 – Open docker-compose.yml for editing

nano docker-compose.yml

Step 5.2 – Replace the entire file content

Delete everything in the file and paste this content exactly:

services:
  n8n:
    image: docker.io/n8nio/n8n:latest
    restart: always
    ports:
      - "5678:5678"
    volumes:
      - n8n_data:/home/node/.n8n
    environment:
      - N8N_ENCRYPTION_KEY="YOUR_EXISTING_KEY"
      - N8N_SECURE_COOKIE=false

volumes:
  n8n_data:

Important:
To avoid formatting issues, it’s best to paste this content into a simple text editor such as Notepad or Notepad++ first and make sure the indentation looks correct. Once it’s clean, copy it again and paste it into docker-compose.yml.

Replace PASTE_KEY_HERE with your real encryption key. Paste it exactly as you copied it. Don’t add quotes and don’t add extra spaces.

Step 5.3 – Save and exit nano

  • Press CTRL + O to save

  • Press ENTER to confirm the filename

  • Press CTRL + X to exit

Step 5.4 – Verify the file

cat docker-compose.yml

Confirm:

  • The encryption key is present

  • PASTE_KEY_HERE is gone

  • Indentation still looks correct

If anything looks off, fix it now before restarting.

Restart n8n without updating

Restart once before pulling a new image. This validates the encryption key works.

Step 6 – Restart the n8n stack

docker compose down && docker compose up -d

After restart, log in to n8n and confirm workflows load and credentials don’t show errors.

Update n8n

Once the restart is confirmed, update the image.

Step 7 – Pull the new image and recreate the container

docker compose pull && docker compose up -d

This updates the container without touching the n8n_data volume.

Verify the update

Check logs for migration success and clean startup.

Step 8 – Check recent container logs

docker logs n8n-n8n-1 --tail 50

If you see encryption errors here, the key in Compose does not match the original key.

Optional Python installation

Some nodes may warn about missing Python. Install it only if you need it.

Step 9 – Install Python 3

apt update && apt install -y python3

Restore from backup

If something goes wrong, restore the volume from your backup archive.

docker run --rm \
   -v n8n_data:/data \
   -v $PWD:/backup \
   alpine tar xzf /backup/n8n-backup-YYYY-MM-DD.tar.gz -C /

After the restore, start n8n again from the Compose directory:

docker compose up -d

As long as the encryption key and n8n_data volume stay the same, updating n8n is safe and repeatable on a LumaDock VPS.

Related Articles
Sons of The Forest – Docker server configuration
n8n – deployment notes for the LumaDock VPS template
Docker – install Docker Engine on your LumaDock VPS
Arcane – Docker management panel on LumaDock VPS
Did this answer your question?