bind: Set default forwarder as systemd-resolved

Closes: #1196.

- systemd-resolved always contains the current list of known DNS servers taken
from systemd-networkd, network-manager, or by other means. It also has fallback
DNS servers. Forwarding requests to it allows correct and failsafe way to reach
external DNS servers.

Tests:

- Freshly install bind and notice that the fowarders list is set to 127.0.0.53.

- Install without the patch. Apply patch. Restart service. bind is upgraded to
new version and forwarder is set to 127.0.0.53 if it is blank. Otherwise, it
remains as is.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>

plinth/modules/bind/__init__.py

@@ -30,7 +30,7 @@ class BindApp(app_module.App):
 
     app_id = 'bind'
 
-    _version = 3
+    _version = 4
 
     def __init__(self) -> None:
         """Create components for the app."""

plinth/modules/bind/privileged.py

@@ -24,7 +24,7 @@ recursion yes;
 allow-query { goodclients; };
 
 forwarders {
-
+127.0.0.53;
 };
 forward first;
 
@@ -32,6 +32,7 @@ auth-nxdomain no;    # conform to RFC1035
 listen-on-v6 { any; };
 };
 '''
+DEFAULT_FORWARDER = '127.0.0.53'  # systemd-resolved
 
 
 @privileged
@@ -40,8 +41,12 @@ def setup(old_version: int):
     if old_version == 0:
         with open(CONFIG_FILE, 'w', encoding='utf-8') as conf_file:
             conf_file.write(DEFAULT_CONFIG)
-    elif old_version < 3:
-        _remove_dnssec()
+    elif old_version < 4:
+        if not get_config()['forwarders']:
+            _set_forwarders(DEFAULT_FORWARDER)
+
+        if old_version < 3:
+            _remove_dnssec()
 
     Path(ZONES_DIR).mkdir(exist_ok=True, parents=True)