allow PowerDNS webserver on loopback for root

nftables-dns.conf

@@ -55,6 +55,8 @@ table inet filter {
         skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
         skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
 
+        skuid powerdns meta l4proto tcp th sport 80 th dport >= 1024 accept
+
         skuid != root counter goto output-reject
         accept
     }