FoundryVTT Digital Ocean Setup Guide

This guide will walk you through setting up a FoundryVTT server on Digital Ocean using Debian 13, complete with SSL certificates and Docker containerization.

📖 Server Management Guide →

Step 1: Create Digital Ocean Droplet 📖 Official Docs

Droplet Configuration

In your Digital Ocean dashboard, create a new droplet with these settings:

Image: Debian 13 x64 (select Debian from OS options)
Plan: Basic → Regular → 2GB RAM / 1 vCPU / 50GB SSD (select $12/month plan)
Authentication: Select your SSH key or create a new one (SSH key selection interface)
Monitoring: ✓ Enable improved monitoring

Don't have an SSH key? Click "New SSH Key" to create one. You can generate a key pair directly in your browser, or if you're on Mac/Linux, run ssh-keygen -t ed25519 -C "your-email@example.com" in your terminal and paste the contents of ~/.ssh/id_ed25519.pub. 📖 SSH Key Docs

Advanced Options

Scroll down and expand the Advanced Options section. Check the IPv6 checkbox and User Data checkbox (IPv6 and User Data checkboxes) 📖 User Data Docs:

IPv6: ✓ Enable IPv6 📖 IPv6 Docs
User Data: ✓ Add initialization script

Paste this script into the User Data text field that appears:

#!/bin/bash

curl -fsSL https://install.forgot.sh/foundry/install.sh -o install.sh

curl -fsSL https://install.forgot.sh/foundry/install.sh.sha256 -o install.sh.sha256

sha256sum -c install.sh.sha256

if [ $? -eq 0 ]; then

    bash install.sh

else

    echo "SHA256 verification failed!"

fi

Finalize Details

Give your droplet a descriptive name and add a tag for organization (hostname and tags fields):

Hostname: foundry-server (or your preferred name)
Tags: foundry (helps with organization and firewall targeting)

Important: Make sure to select your SSH key before creating the droplet, or you won't be able to access it remotely!

Step 2: Configure DNS (While Droplet Deploys) 📖 DNS Docs

Set Up DNS Records

While your droplet is being created, configure your DNS records:

In Digital Ocean, go to Networking → Domains (Domains tab in Networking) 📖 Add Domain Docs
Select your domain (or add it if not already added)
Create an A record pointing to your new droplet (create A record form) 📖 DNS Records Docs:

A Record: foundry → [Droplet IPv4 Address]
AAAA Record: foundry → [Droplet IPv6 Address]

Your completed DNS records should look like this (view of completed A record).

Example DNS Setup

If your domain is example.com, you'll create:

foundry.example.com A record → 192.0.2.1
foundry.example.com AAAA record → 2001:db8::1

Configure Firewall (Optional but Recommended)

While your droplet deploys, you can also configure Digital Ocean's cloud firewall 📖 Firewall Docs:

In Digital Ocean, go to Networking → Firewalls (navigate to Firewalls tab) 📖 Create Firewall
Click "Create Firewall"
Give it a name like foundry-firewall (firewall naming)
Configure these Inbound Rules (inbound rules configuration):

SSH: TCP Port 22 from All IPv4 and All IPv6
HTTP: TCP Port 80 from All IPv4 and All IPv6
HTTPS: TCP Port 443 from All IPv4 and All IPv6

Outbound Rules: Leave as "All IPv4" and "All IPv6" (default)

In the "Apply to Droplets" section, search for your foundry tag to easily apply the firewall to your FoundryVTT server (apply firewall by tag).

Note: The setup script already configures UFW firewall on the droplet itself. This cloud firewall adds an extra layer of security at the network level.

Step 3: Install FoundryVTT

Wait for Droplet Setup

After 3-5 minutes, your droplet should be fully configured with:

✓ Docker and Docker Compose installed
✓ Nginx web server configured
✓ UFW firewall enabled
✓ User fvtt created with sudo access
✓ SSH hardened (root login disabled)

Connect to Your Droplet

Access your droplet through the Digital Ocean dashboard 📖 Console Access Docs:

Go to your Digital Ocean dashboard → Droplets
Click on your FoundryVTT droplet
Click the "Access" button
Enter username: fvtt in the console username field
Click "Launch Droplet Console" (droplet console interface)
You'll be logged in automatically (no password required)

Alternatively, if you prefer SSH, use your domain name 📖 SSH Docs:

ssh fvtt@foundry.yourdomain.com

Install FoundryVTT

If your droplet deployed successfully with the User Data script, you should see a "Configuration completed successfully!" message (successful configuration). You can now simply run:

fvtt.py install

Manual Installation (if needed): If the automatic configuration didn't work, you can install the management tool manually:

curl -fsSL https://install.forgot.sh/foundry/releases/update-fvtt-py.sh -o update-fvtt-py.sh

curl -fsSL https://install.forgot.sh/foundry/releases/update-fvtt-py.sh.sha256 -o update-fvtt-py.sh.sha256

shasum -a 256 -c update-fvtt-py.sh.sha256

if [ $? -eq 0 ]; then

    chmod +x update-fvtt-py.sh

    ./update-fvtt-py.sh install

else

    echo "SHA256 verification failed!"

fi

This will download and install the latest version of the FVTT management tool. After installation, you can run fvtt.py install to set up FoundryVTT.

During Installation

The installation script will prompt you for:

Installation Path: Accept default /opt/foundry
FoundryVTT Download URL: Get this from your FoundryVTT account
Domain: Enter foundry.yourdomain.com
Email: Your email for SSL certificate registration

Step 4: Access Your FoundryVTT Server

Success! After installation completes, your FoundryVTT server will be accessible at:
https://foundry.yourdomain.com

Management Commands

Use these commands to manage your FoundryVTT installation:

fvtt.py status - Check server status
fvtt.py service start - Start services
fvtt.py service stop - Stop services
fvtt.py service restart - Restart services
fvtt.py tool-update - Check for updates (shortcut)
fvtt.py tool check-update - Check for updates
fvtt.py tool cleanup - Perform system maintenance
fvtt.py backup list - List available backups
fvtt.py logs --follow - View logs in real-time

Troubleshooting

Common Issues

Can't connect: Make sure your DNS records have propagated (can take up to 24 hours) 📖 DNS Propagation
SSL errors: Run fvtt.py status to check service status
Service not starting: Check logs with docker compose logs -f in /opt/foundry

Get Help

If you encounter issues:

Check the FoundryVTT logs: fvtt.py status
Verify DNS propagation: dig foundry.yourdomain.com
Test SSL certificate: openssl s_client -connect foundry.yourdomain.com:443

Security Note: This setup automatically configures a firewall, SSL certificates, and secure SSH settings. Your FoundryVTT server is production-ready with best security practices. 📖 Security Best Practices

This guide uses automated scripts to ensure consistent, secure deployments of FoundryVTT on Digital Ocean.
FVTT Management Tool Version: