I just setup IPv6 on my network.
I have a single A record for server.mydomain.com with about 10 CNAMEs referencing specific services proxied by NGINX.
NGINX defines each of these with a server_name directive in the appropriate SERVER block along with the listen directives.
I just added my AAAA for the server.mydomain.com as well so I can find the IPv6 address.

I modified one of these configurations for files.mydomain.com to listen on IPv6 by adding the second line here:

listen 443 ssl http2;
listen [::]:443 ssl http2;

This appears to work, and my files.mydomain.com answers now on IPv6.
The problem is that all ~9+ other sites I have with different server_name directives all get directed to the files site.

I believe this is happening because files.mydomain.com is the only one with a "listen [::] 443" directive, so it in essence becomes the "default server" for everything over IPv6?

If I go and enable IPv6 with the appropriate listen directive on the other sites, then they properly route the host header to the server_name directive. However I don't necessarily want to enable IPv6 on every site.

Is there a way to run all of these on the same port (443), but ensure that host headers are only answered if they match?

I suppose I can just enable the " listen [::]:443 ssl http2;" directive on the default web-site as well.... Is this the best/recommended way?

thanks

I want to note that setting the default site to listen is not the behavior I want either.
When I do this, then requests to other sites just hit the default site (which is an empty site).

Basically, the behavior I want is that if I have define IPv6 to listen on a site then that site should be the destination.
However, if I haven't defined IPv6 to listen on a site, then I still want the request to go over IPv4.

I have a feeling I cannot do this while still maintaining my 10 CNAME mappings for one set of A/AAAA records.
I think I will need to create an A record for each site and only create AAAA records for the sites I want IPv6 on?