- create a tailscale key with default settings
- create a
.envfile
# enter your foundryvtt username and password
FOUNDRY_PASSWORD=
FOUNDRY_USERNAME=
# add your tailscale auth key here
TS_AUTHKEY=- create a
docker-compose.ymlfile
services:
foundry:
image: felddy/foundryvtt:13
container_name: foundry
restart: unless-stopped
user: 1000:1000
env_file: [.env]
environment:
FOUNDRY_VERSION: "13.351"
CONTAINER_PRESERVE_CONFIG: "true"
volumes:
- ./foundry:/data
ports:
- "127.0.0.1:30000:30000"
tailscale:
image: tailscale/tailscale:stable
container_name: tailscale
restart: unless-stopped
network_mode: "host"
env_file: [.env]
cap_add: [NET_ADMIN, SYS_MODULE]
environment:
TS_STATE_DIR: /var/lib/tailscale
TS_USERSPACE: "false"
TS_HOSTNAME: "foundry"
volumes:
- ./tailscale:/var/lib/tailscale
- /dev/net/tun:/dev/net/tun
command: >
sh -lc '
set -e
tailscaled --state=/var/lib/tailscale/tailscaled.state &
sleep 2
tailscale up --authkey=${TS_AUTHKEY} --hostname=${TS_HOSTNAME} --accept-dns=true
tailscale serve reset || true
tailscale funnel reset || true
tailscale funnel --bg 30000
tailscale cert $(tailscale serve status | grep -oE "https://[^ ]+\.ts\.net" | head -n1 | sed "s#https://##")
echo "Foundry will be reachable at:"
tailscale serve status | grep "# "
tail -f /dev/null
'- if on linux create the folder before starting
mkdir -p foundryto prevent permission issues docker compose up -d- watch logs with
docker logs tailscale -f. It will tell you your public URL
Make sure to set Foundry admin and user passwords. This is open to the internet at this point.