
Update the security docs to recommend binding to 127.0.0.1 / localhost

Open anderseknert opened this issue 1 year ago • 1 comments

The docs on security already make use of --addr 127.0.0.1 or localhost in some of the examples provided, but do not mention why this is a good practice that should generally be followed for any non-public OPA deployment.

Unless explicitly configured, OPA will bind to the 0.0.0.0 interface, which allows the OPA server to be exposed to services running outside of the same machine. While this by itself is not insecure in a trusted environment — exposing OPA to the outside world also requires the ports to be actively made open on the machine, and likely also the same procedure to be done in a gateway layer above — it is clear that there are OPA deployments in the wild where this has not been accounted for (thanks @magnologan!). We should update the docs to reflect the best practice here, and recommend binding to the localhost interface unless exposing OPA to remote services is desired, in which case the other recommendations of the security document apply (require authentication, etc).

anderseknert avatar Sep 05 '22 13:09 anderseknert

In addition to better documentation, it's been suggested that we print something informative on server start unless any --addr has been provided — i.e. when the default value has been picked. While this might be somewhat annoying, it's easily fixed by doing the right thing. Naturally, we'll want to make sure all our docs are updated to follow our own advice.

anderseknert avatar Sep 19 '22 19:09 anderseknert
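The startup warning suggested in the second comment, together with the default-binding behaviour described in the first, as an added example in Go (OPA's own language) that is not code from the OPA project: it classifies each `--addr` value as local-only or reachable from other hosts and returns the message to print when the default was picked. The `:8181` default, the `unix://` prefix and the message wording are assumptions; the check also goes beyond the comment's suggestion by warning on explicit non-loopback addresses.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Assumed default for OPA's --addr flag (the real value lives in OPA's run command).
const defaultAddr = ":8181"

// bindsNonLoopback reports whether one --addr value accepts connections from other
// machines. Unix sockets are local by construction; an empty host (":8181") means
// every interface; unknown hostnames count as exposed (conservative, no DNS lookup).
func bindsNonLoopback(addr string) (bool, error) {
	if strings.HasPrefix(addr, "unix://") {
		return false, nil
	}
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return false, err
	}
	if ip := net.ParseIP(host); ip != nil {
		return !ip.IsLoopback(), nil
	}
	return !strings.EqualFold(host, "localhost"), nil
}

// startupWarning builds the message proposed in the issue: it fires when --addr was
// not given (the default was picked) and, beyond the issue's suggestion, when any
// explicit address binds a non-loopback interface. "" means all listeners are local.
func startupWarning(addrs []string, addrFlagSet bool) string {
	if !addrFlagSet {
		addrs = []string{defaultAddr}
	}
	var exposed []string
	for _, a := range addrs {
		if open, err := bindsNonLoopback(a); err != nil || open {
			exposed = append(exposed, a)
		}
	}
	if len(exposed) == 0 {
		return ""
	}
	return fmt.Sprintf("OPA is listening on %s and is reachable from other hosts; bind to "+
		"127.0.0.1 (--addr 127.0.0.1:8181) unless remote access is intended, and then "+
		"enable authentication as the security docs describe.", strings.Join(exposed, ", "))
}

func main() {
	fmt.Println(startupWarning(nil, false)) // default bind: the warning is printed
}
```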