Step-by-Step Guide To Setup Raspberry Pi 5 with n8n, Docker, Postgresql and Cloudflare Tunnel For Penetration Testing

Author: Bhashit

Date: May 16, 2025

I’m sharing a detailed guide and process to configure a Raspberry Pi 5 to run n8n (an AI automation platform) using Docker, with PostgreSQL as the database and Cloudflared for secure external access. The setup is tailored for local use in an office environment, leveraging Raspberry Pi OS 5 (64-bit, Bookworm) for optimal performance. Since I will be also using AI operations within this, I have also got an active cooler for support. 😉

Goal:

I want to automate majority of my repetitive daily task. I also want to automate pentesting operations as much as possible that includes running tools as well as client communication.

Prerequisites:

Hardware:

Raspberry Pi 5 (16GB recommended).
5V/5A USB-C power supply (official Raspberry Pi 27W recommended).
MicroSD card (128GB A2 Class minimum, or SSD for better performance).
USB keyboard, mouse, and HDMI monitor (for initial setup, optional if using SSH).
Cloudflare account
A domain

Start with updating your system:

Step 1: Download Raspberry Pi Imager

Step 2: Flash Raspberry Pi OS using Raspberry Pi Imager

Step 3: Boot the Raspberry Pi

Step 4: Update the system:

sudo apt update && sudo apt full-upgrade -y
sudo reboot

Step 5: Enable 64-bit Kernel

sudo raspi-config

Install Docker

Step 1: Install Docker

sudo apt install docker.io docker-compose -y

Step 2: Verify Docker Installation

docker –version
docker-compose –version

Setup PostgreSQL

Step 1: Pull PostgreSQL docker image

docker pull postgres:latest

Step 2: Create a persistent volume:

mkdir -p ~/postgres-data

Step 3: Run PostgreSQL Container

docker run -d –name postgres -e POSTGRES_USER=n8n_user -e POSTGRES_PASSWORD=secure_password_123 -e POSTGRES_DB=n8n -v ~/postgres-data:/var/lib/postgresql/data -p 5432:5432 –restart unless-stopped postgres:latest

Step 4: Verify PostgreSQL

docker ps

Set Up n8n with Docker

Step 1: Create a Docker Compose File

mkdir ~/n8n && cd ~/n8n
nano docker-compose.yml

Step 2: Add the following configuration to connect n8n to PostgreSQL:

version: '3.8'
services:
n8n:
image: n8nio/n8n:latest
container_name: n8n
ports:
- "5678:5678"
environment:
- N8N_HOST=localhost
- N8N_PORT=5678
- N8N_PROTOCOL=http
- DB_TYPE=postgresdb
- DB_POSTGRESDB_HOST=postgres
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_USER=n8n_user
- DB_POSTGRESDB_PASSWORD=secure_password_123
volumes:
- ./n8n-data:/home/node/.n8n
depends_on:
- postgres
restart: unless-stopped

Replace secure_password_123 with the same password used for PostgreSQL.
Save and exit (Ctrl+x, Ctrl+y).

Step 3: Create a Data Volume

mkdir n8n-data

Step 4: Start n8n

docker-compose up -d

Step 5: Verify n8n

docker ps

Access n8n in a browser at http://<ip>:5678 (find the IP with hostname).

Install and Configure Cloudflared

Step 1: Download and install the Cloudflared binary for ARM64

cd
mkdir cloudflare
cd cloudflare
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.deb
sudo dpkg -i cloudflared-linux-arm64.deb
sudo apt –fix-broken install -y

Step 2: Login to cloudflared

cloudflared tunnel login

Step 3: Create a Tunnel

cloudflared tunnel create n8n-tunnel

Step 4: Configure the tunnel

nano ~/.cloudflared/config.yml

Step 5: Add the following

tunnel: <tunnel-uuid>
credentials-file: /home/pi/.cloudflared/.json
ingress:

service: http_status:404

hostname: n8n.yourdomain.com
service: http://localhost:5678

Replace <tunnel-uuid> with your tunnel UUID and n8n.yourdomain.com with your subdomain.

Step 6: Create a DNS record. DNS route.

cloudflared tunnel route dns n8n-tunnel n8n.yourdomain.com

Replace n8n.yourdomain.com with your domain.

Step 7: Run the tunnel

cloudflared tunnel run n8n-tunnel

Persistent Cloudflare

Step 1: Create cloudflared service:

sudo nano /etc/systemd/system/cloudflared.service

Add the following:

[Unit]
Description=Cloudflared Tunnel
After=network.target

[Service]
ExecStart=/usr/bin/cloudflared tunnel run –config=/home/pi/.cloudflared/config.yml n8n-tunnel
Restart=always
User=pi

[Install]
WantedBy=multi-user.target

Change the User with your username and change the ExecStart value with your path.

Step 2: Enable the cloudflare service

sudo systemctl enable cloudflared
sudo systemctl start cloudflared

Step 3: Verify cloudflare:

Access n8n at https://n8n.yourdomain.com with https enabled automatically.

Step 4: Check the tunnel status:

cloudflared tunnel info n8n-tunnel
systemctl status n8n

Troubleshoot:

We unfortunately face powercut in our area these days. Sometimes when the raspberry pi, cloudflared’s service goes down due to power cut. The service fails to start. Here is how you can fix it.

Cloudflared services going down:

Step 1: Make sure the service Active status is failing.

sudo systemctl status cloudflared

Step 2: If so, stop the service, start the service again and check the status:

sudo systemctl stop cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared

Visit n8n.yourdomain.com and confirm if it is working fine.

Update your n8n

Use the following command to update your n8n.

cd n8n/
docker stop n8n
docker rm n8n
docker pull n8nio/n8n
docker-compose up -d

Thats it..

Let me know if you have any suggestions!!

Happy automation!!

« A Real World Example Of Classic Remote Command Execution (RCE)

Bhashit Pandya

Thoughts, stories, ideas, and infosec..