Hi @milkywayfarer, welcome to the community and to OpenZiti!
This is indeed a common problem and the exact issue was also asked relatively recently in the forum and prompted me to do a Ziti TV on the topic 
You can see this thread here: Ziti TV Apr 26 2024 - Building an overlay with Docker at 11 AM ET/1500UTC for some hints as to how to setup your overlay network so that it's accessible from outside the docker environment. You can watch the replay on YouTube linked in that thread too.
At the end of the day, you'll need to change the .env file as you discovered but using "localhost" won't work. Every device needs to be able to get to the controller and to the router. When you use localhost, you'll be able to get to the controller from the docker host but that's about it. Instead you really need to use an address that all the devices will be able to resolve.
I think if you look at that thread and skim (or watch intently) the video, it should answer the questions you have. If you have a look at those and still are stuck let's follow up?