From: Oleg Broytman <phd@phdru.name>
Date: Sun, 13 Mar 2022 09:28:32 +0000 (+0300)
Subject: Fix(debian/named): Use IP instead of name
X-Git-Url: https://git.phdru.name/?p=ansible.git;a=commitdiff_plain;h=35520191826817eb3de523310213df95fabc94b8

Fix(debian/named): Use IP instead of name

In `named` config it's better not to resolve names, even `localhost`.
---

diff --git a/playbooks/roles/debian/named/templates/named.conf.options b/playbooks/roles/debian/named/templates/named.conf.options
index 37f8735..8f0cfc7 100644
--- a/playbooks/roles/debian/named/templates/named.conf.options
+++ b/playbooks/roles/debian/named/templates/named.conf.options
@@ -26,6 +26,6 @@ options {
 	// listen-on-v6 { any; };
 
 	// allow-transfer { trusted; };
-	allow-query { localhost; {{ ansible_facts.default_ipv4.address }}/32; 192.168.0.0/16; 10.0.0.0/8; };
-	allow-recursion { localhost; {{ ansible_facts.default_ipv4.address }}/32; 192.168.0.0/16; 10.0.0.0/8; };
+	allow-query { 127.0.0.1/32; {{ ansible_facts.default_ipv4.address }}/32; 192.168.0.0/16; 10.0.0.0/8; };
+	allow-recursion { 127.0.0.1/32; {{ ansible_facts.default_ipv4.address }}/32; 192.168.0.0/16; 10.0.0.0/8; };
 };