Docker Help IPv6 Nginx-Proxy

Hey everyone,

I am looking for a little help. I’ve been trying to get nginx-proxy: GitHub - jwilder/nginx-proxy: Automated nginx proxy for Docker containers using docker-gen working with IPv6. It works but the IP address is an IPv4 address from the docker server. I don’t want this… I want it to show my actual IPv6 client address. I use this for some of my apps.

X-Real-IP X-Forward-For is showing the wrong IP address as well.

The problem is that the below give me a fix that breaks the lets-encrypt companion.

Convos about it:

Alas, any help would be appreciated. Even a different proxy would work for me.

1 Like

I’m not sure there’s an easy way to do that without using DNAT, as docker sets up masquerade by default for all containers. Try launching with -P to expose the port, or use KVM as GOD and COUNTRY intended.

I think I might have figured it out, and -P doesn’t work just as an FYI.

Huh. Surprised that it doesn’t, but assigning an IPv6 address should just work.

I thought nginx-proxy was abandoned. traefik is a far more useful and elegant front-end proxy for docker containers IMHO. At least for my use cases.

I tried Traefik before, it was a mess to setup. Half the documentation wasn’t accurate or valid for the current release.

I spent a few days trying to set it up, only to find out that it wasn’t supported unless you bought the premium package.

Do you have a docker-compose with a working let’s encrypt bundle?

Also, it looks like nginx-proxy is being maintained to me:

Let’s encrypt certs support is built in to traefik, so that helps.

Here’s some relevant files. Maybe I should have PM’d them?

my docker-compose for traefik:

version: '2'

    image: traefik # The official Traefik docker image
    restart: always
      # - "80:80"     # The HTTP port
      - "443:443"   # HTTPS
      - "" # The Web UI exposed to my vpn (enabled by --api)
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /home/me/docker/traefik/acme.json:/acme.json
      - /home/me/docker/traefik/traefik.toml:/traefik.toml
      - /home/me/docker/traefik/logs:/var/log
      - proxy

    external: true

… and the traefik.toml:

defaultEntryPoints = ["https","http"]

  address = ":80"
    entryPoint = "https"
  address = ":443"


endpoint = "unix:///var/run/docker.sock"
domain = ""
watch = true
exposedByDefault = false


email = ""
storage = "acme.json"
entryPoint = "https"
onHostRule = true

then in a docker-compose for a container that’s going to be exposed…

    - traefik.enable=true
    - traefik.backend=<service-name>
    - traefik.port=80
    - default
    - proxy

the acme.json file is created and maintained by traefik. It holds certs and other info from Let’s Encrypt.

[Edit] And actually your IPv6 issues have been discussed (and solved I think) with traefik here.


Thank you and Thank you!

And the IPv6 fix is what I did with Nginx-proxy. Exact same fix to be honest.

There is also GitHub - Neilpang/nginx-proxy: nginx proxy with free ssl cert by which is a cleaner setup IMO. I’ve only messed around with it a bit in testing and for a low usage test case but it works well for that.

Did you get it to work with IPv6. I tried it a few days ago, and it failed to work with IPv6.