Bind by default to localhost and added security warning
The suggested bind method, which would not specify the bind address, would lead to binding on 0.0.0.0, potentially allowing an attacker connected to the same LAN as the hypervisor running this Docker container to access this service.
As described in the patch, binding to localhost won't completely solve the problem, but it can definitely help against low-skill attackers.
Security Warning
It is highly suggested to not change the default binding address (127.0.0.1), to prevent computers connected to the same Local Area Network as your hypervisor from accessing virt-manager. It is also worth mentioning that a very motivated attacker having access to your LAN could still be able to access it even when bound on 127.0.0.1.
I primarily use this container on a headless server and I'd guess I'm not alone in wanting the container to be accessible to the LAN. Simply binding to localhost is not the approach I want to take but I do take your point that this is a security risk. I propose splitting off NGINX into a separate container and setting up basic auth (or another form of auth). What do you think?