[FEATURE] Nagging N8N secure cookie alert

[nofrillsdev]

Well, if you host locally or on a local VM I usually don´t setup https.

Unfoprtunately N8N is nagging with that stupid page that the secure cookie is not set to false.

Changing my local copy of the docker-compose script is annoying as I have to stash the change to include the following env variable:

N8N_SECURE_COOKIE=false

Could you please add that to docker-compose.yml or (better yet) include it in the env file and reference it from docker-compose.yml?

Or do you prefer a PR for such things?

[leex279]

I keep this in mind. We are currently doing a few bigger changes and we will take a look how we include this after it.
Think should be no problem then, cause we also got a --environment to choose between public and private deployment. For the private we could then auto enable the secure cookie.
We will see :)

@b-tops fyi

[b-tops]

Yep. Just add it to docker-compose.override.private.yml.
Something like:

n8n:
    ports:
      - 127.0.0.1:5678:5678
    environment:
      - N8N_SECURE_COOKIE=false

That should fix it.

[nofrillsdev]

Ok, this introduction of docker-compose.override.private.yml is now creating a whole new set of issues - probably just my way of using this repo:

I have a machine that I use headless and connect to it on my local network. But now the docker containers only bind to 127.0.0.1 which prevents accessing it with the IP address of the machine remotely. Bummer.

So I edited the private.yml to bind to 0.0.0.0 and will stash those changes once it changes again.

But IMHO in a private setting the containers should bind to all interfaces.

[leex279]

I think when you remove the 127.0.0.1 in https://github.com/coleam00/local-ai-packaged/blob/main/docker-compose.override.private.yml for all services, it should work as before.
Did you try that?

I dont agree with "in a private it should bind to all", cause also in private networks you not automatically want everything exposed and a lot users are not aware of such stuff.
Example in my company: We something like this as well that users run stuff on their laptop and it was exposed to the whole company. There were stuff for analysing in kibana/elasticsearch which is confidental, but was now reachable for all, if they knew how to get there. So you should explicitly set this. But the default is ok. That what the overrides are for.

@b-tops / @coleam00 what do you think?