bind: add records for resolving localhost

hosts/common/net/dns/bind.nix

@@ -65,12 +65,12 @@ in
     #   listen-on port 953 { any; };
     # '';
 
-    services.bind.extraArgs = [
+    # services.bind.extraArgs = [
-      # -d = debug logging level: higher = more verbose
+    #   # -d = debug logging level: higher = more verbose
-      "-d" "2"
+    #   "-d" "2"
-      # -L = where to log. default is `named.run` in PWD -- unless running interactively in which case it logs to stdout
+    #   # -L = where to log. default is `named.run` in PWD -- unless running interactively in which case it logs to stdout
-      "-L" "/var/log/named/named.log"
+    #   "-L" "/var/log/named/named.log"
-    ];
+    # ];
 
     networking.resolvconf.useLocalResolver = false;  #< we manage resolvconf explicitly, above
 
@@ -112,6 +112,25 @@ in
         ${bindCfg.extraOptions}
       };
 
+      // XXX(2025-06-18): some tools i use for work assume 'localhost' can be resolved by the system nameserver,
+      // and not just by /etc/hosts
+      zone "localhost" {
+        type master;
+        file "${pkgs.writeText "localhost" ''
+          $TTL 300
+          @               IN      SOA     localhost. root.localhost. (
+                                          202506181       ; Serial
+                                          28800   ; Refresh
+                                          7200    ; Retry
+                                          604800  ; Expire
+                                          86400)  ; Minimum TTL
+                                  NS      localhost.
+
+          localhost.              A        127.0.0.1
+                                  AAAA     ::1
+        ''}";
+      };
+
       ${bindCfg.extraConfig}
     '';