From 9e3e9fdeff5faffa77ef173d88d0e3d0265b5505 Mon Sep 17 00:00:00 2001
From: blacktirion <tirion@outlook.com>
Date: Tue, 14 Jan 2020 02:40:48 -0600
Subject: [PATCH] nginx_proxy: Remove IPv6 Listen statements from nginx.conf
 (#991)

* nginx_proxy: Remove IPv6 Listen statements from nginx.conf

Pursuant to PR https://github.com/home-assistant/hassio-addons/pull/972, making this change hard-coded, rather than an option to be set in the Addon Config.

* remove ipv6only=off statement from nginx.conf

As mentioned in https://github.com/home-assistant/hassio-addons/pull/991#issuecomment-573351637

* Update config.json

* Update CHANGELOG.md

Co-authored-by: Pascal Vizeli <pascal.vizeli@syshack.ch>
---
 nginx_proxy/CHANGELOG.md    | 8 ++++++++
 nginx_proxy/config.json     | 2 +-
 nginx_proxy/data/nginx.conf | 8 ++++----
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/nginx_proxy/CHANGELOG.md b/nginx_proxy/CHANGELOG.md
index 17d376e..4e77f77 100644
--- a/nginx_proxy/CHANGELOG.md
+++ b/nginx_proxy/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## 2.6
+
+- Remove ipv6 listener because we run only inside virtual network on a ipv4 range
+
+## 2.5
+
+- Migrate to Bashio
+
 ## 2.4
 
 - Added Cloudflare mechanism for creating auto-generated ipv4/ipv6 list for real visitor ip
diff --git a/nginx_proxy/config.json b/nginx_proxy/config.json
index aa2cf0e..17243bc 100644
--- a/nginx_proxy/config.json
+++ b/nginx_proxy/config.json
@@ -1,6 +1,6 @@
 {
   "name": "NGINX Home Assistant SSL proxy",
-  "version": "2.5",
+  "version": "2.6",
   "slug": "nginx_proxy",
   "description": "An SSL/TLS proxy",
   "url": "https://github.com/home-assistant/hassio-addons/tree/master/nginx_proxy",
diff --git a/nginx_proxy/data/nginx.conf b/nginx_proxy/data/nginx.conf
index df52a12..238d0e8 100644
--- a/nginx_proxy/data/nginx.conf
+++ b/nginx_proxy/data/nginx.conf
@@ -18,8 +18,8 @@ http {
 	
     server {
         server_name _;
-        listen [::]:80 default_server ipv6only=off;
-        listen [::]:443 ssl http2 default_server ipv6only=off;
+        listen 80 default_server;
+        listen 443 ssl http2 default_server;
         ssl_certificate /data/ssl-cert-snakeoil.pem;
         ssl_certificate_key /data/ssl-cert-snakeoil.key;
         return 444;
@@ -29,7 +29,7 @@ http {
         server_name %%DOMAIN%%;
 
         # These shouldn't need to be changed
-        listen [::]:80;
+        listen 80;
         return 301 https://$host$request_uri;
     }
 
@@ -42,7 +42,7 @@ http {
         # dhparams file
         ssl_dhparam /data/dhparams.pem;
 
-        listen [::]:443 ssl http2;
+        listen 443 ssl http2;
         %%HSTS%%
         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";