Limiting WebUI to primary IP Address

For purposes beyond this thread, I have a need to run a Docker on port 80 on an additional IP Address on my OMV server. I can easily add an additional IP Address:

ifconfig eth0:1 192.168.2.7

However, everytime I attempt to run my Docker using this IP Address and Port, I get the following error:

root@NAS:/# docker run -it --name magneto --link magnetodb:db -p 192.168.2.7:80:80 byteme/website
Error response from daemon: Cannot start container 28eb288b4b1f59053312b6ff53900266cf435642b0fcc92850c0eb8c76002e6b: failed to create endpoint magneto on network bridge: Error starting userland proxy: listen tcp 192.168.2.7:80: bind: address already in use

Basically, Docker is telling me that something is using port 80 on my secondary IP Address. Some careful snooping revealed that Nginx is setup with two suspect lines:

listen [::]:80 default_server ipv6only=off;
...
listen [::]:443 default_server ipv6only=off ssl deferred;

Yes, I can go in and play with the openmediavault-webgui file, but I'd prefer to treat this box like an appliance, and rely on it's built in logic and customization before going around and bastardizing my own server.

So the questions are:
1) Whats the best way to add a new IP Address to the OMV server without hacking underlying configurations?
2) Whats the best way to limit the WebUI to the primary IP Address (again) without hacking underlying configurations?

I have a solution - please see Changing OMV Default Behavior: NGinx Configuration.

Lets hope the developers like my solution

In this particular case, OMV (native from the ISO) *did not* support reverse proxy ... or any additional NGinx websites listening on port 80/443.

I added a new site into /etc/nginx/sites-available and sym-linked it into /etc/nginx/sites-enabled. When I restarted nginx, I received the following error. I tried configuring the site to listen on port 80, a FQDN on port 80, and an IP Address on port 80. All presented with the same error message upon restart of NGinx.

2016/01/17 22:54:41 [emerg] 22173#0: bind() to 0.0.0.0:80 failed (98: Address already in use)

I found the answer on StackOverflow (http://stackoverflow.com/quest…98-address-already-in-use). Apparently, if you are listening to IPv4 and IPv6 with a listen directive, you need to split the listen into two separate lines on the default server.

So, the line in the openmediavault configuration:

listen [::]:80 default_server ipv6only=off;

needs to become:

listen 80 default_server;
listen [::]:80 default_server ipv6only=on;

This was a default OMV out of the box - prior to this change, I had not done anything to the configuration. That leads me to think that OMV doesn't play nice with other sites on the base instance of NGinx without this tweak. But I could be wrong ... here's my new NGinx site if someone wants to check my configuration:

server {
  listen news.mydomain.com:80;
  server_name  news.mydomain.com;
  access_log on;
  location / {
    proxy_pass http://192.168.1.1:8080;
    proxy_set_header    Host            $host;
    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    X-Forwarded-for $remote_addr;
    port_in_redirect off;
    proxy_connect_timeout 300;
  }


  error_page   500 502 503 504  /50x.html;
  location = /50x.html {
    root   /usr/local/nginx/html;
  }
}

Thank you for the quick reply... That article never came up in my searches while researching this issue.

I'll have to try out your method...

Huh... Previously I had used:

listen news.mydomain.com:80;

however, when I switched to the following - it all worked:

listen [::]:80;

I swear it's the only combination I *didn't* try... Thanks @subzero79