There are diffrent ways to support IPv6 in Docker. The easiest is to enable ipv6 on the docker host and simply use the docker proxy to forward ipv6 via ipv4 to the containers. But one disadvantage of this method is, that your container is unable to see the clients remote address. Each request seems to be send from the docker host. Especially nginx and php or a spam filter for your mailserver are depending on a correct client ip. So adding a ipv6-address to each container and allowing forwarded traffic to it is the correct way to go.
sudo nano /etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "2001:xxx:2::/64"
}
sudo nano /etc/sysctl
Change eth0 with your network device.
...
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.eth0.proxy_ndp=1
sudo sysctl -p
Ipv6 is using a neighbor discovery system, but your ISPs router wont be able to detect your containers, so you need a so called NDP (Neighbour discovery) proxy. We already enabled it for your device above, so you only need to add your containers ip adresses. For example:
ip -6 neigh add proxy 2001:xxx::2::4 dev eth0
We are almost ready for ipv6 support. Simply allow traffic to be forwarded to your containers and edit your dns settings to point directly to the containers ipv6 addresses.
ip6tables -A FORWARD -i eth0 -o docker0 -d 2001:xxx:2::4 -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
ip6tables -A FORWARD -i eth0 -o docker0 -d 2001:xxx:2::4 -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT