IMPORTANT: As of 12/11/2023, the Docker version used by Synology has reached end-of-life, but is due to be updated with DSM 7.2.2.
This is the Synology guide for those of us that are more comfortable interacting with Docker using a UI! If you're comfortable managing everything through the command line, use the other guide.
Please note that Synology ransomware attacks are on the rise, so secure your NAS, use strong passwords, use HTTPS, and turn off Synology QuickConnect under Control Panel > External Access.
Note: This is a first draft of this guide, so if you run into issues or find things that need updating, send a note to hightouch on Discord. I'll try to add screenshots at some point in the future.
:30000.foundryonsynology.info.
Wherever you store your Docker container folders, create a new Foundry data folder. This guide assumes this folder is set up under home/docker/foundry.
Set up port forwarding via your router (and modem depending on your provider) to your NAS. This guide assumes you will be using the default port :30000. Here's a decent guide from NordVPN with a wide range of router examples.
:30000 to the internal IP address of your Synology.:80 to your NAS so that Synology can auto-renew this certificate with Let's Encrypt.
Download your certificate from your domain registrar, or use Synology's Let's Encrypt setup. If you use a registrar, this is usually found under the DNS section under your custom domain.
home/docker/foundry/Config)./home/docker/foundry in our example), create a new /Config folder/Config folder.
30000 / 30000 / TCP/home/docker/foundry). Give it the alias /data, and leave Read/Write access.| Variable name | Example value | Description |
|---|---|---|
| PUID | 1000 | The PUID for your docker user (guide here) |
| PGID | 1000 | The PGID for your docker user (guide here) |
| FOUNDRY_USERNAME | foundryonsynology | Your Foundry username, not email |
| FOUNDRY_PASSWORD | Foundry-On-Synology7.2 | Your Foundry password |
| FOUNDRY_ADMIN_KEY | Let.Me.In.To.Foundry | The admin section login password you want to use in Foundry |
| FOUNDRY_LICENSE_KEY | 1234-5678-9012-3456-7890 | Your Foundry license key |
| FOUNDRY_HOSTNAME | foundryonsynology.info | Your custom domain name |
| FOUNDRY_SSL_CERT | cert.pem | The filename of the certificate you added to /foundry/Config |
| FOUNDRY_SSL_KEY | privkey.pem | The filename of the private key file you added to /foundry/Config |
| FOUNDRY_PROXY_SSL | true | Yes, you want to use SSL |
| FOUNDRY_PROXY_PORT | 443 | This requires the HTTPS port 443 , not our default 30000 |
| FOUNDRY_LOCAL_HOSTNAME | foundryonsynology.info | Your custom domain name |
Then start it up!
| Tab | Field | Value | |
|---|---|---|---|
| General | Reverse Proxy Name | Foundry | |
| Source | |||
| Protocol | HTTPS | ||
| Hostname | foundryonsynology.info | Your domain name | |
| Port | 30000 | The external port you're forwarding inbound from your router | |
| Enable HSTS | Checked/true | ||
| Access control profile | Not configured | ||
| Destination | |||
| Protocol | HTTPS | ||
| Hostname | 192.168.1.100 | The internal IP address of your NAS, (Control Center > Info Center > Network) | |
| Custom Header | Upgrade | $http_upgrade | Add these 5 custom entries |
| Connection | $connection_upgrade | ||
| Host | $host | ||
| X-Forwarded-For | $proxy_x_add_forwarded_for | ||
| X-Forwarded-Proto | $scheme |
You should now be able to visit your Foundry instance from two locations. In our example, externally this is https://foundryonsynology.info:30000, and on our internal network at https://192.168.1.100:30000. These are just the example addresses, yours will be different!
If you see the Foundry screen, but there is no card with login information and you see an error in the console referencing websockets, that means your Reverse Proxy is not set up correctly.
Double check Web Station > Web Service and Web Portal and make sure there are not entries for your Docker container.
If there are, delete them then go back to your Foundry container in Container Manager > Container > foundry > Settings and make sure the Set up web portal via Web Station option is off and that you only see your 30000/30000/TCP entry under Port Settings.