Update to use newest Python

lib/fudo/adguard-dns-proxy.nix

@@ -9,17 +9,16 @@ let
   get-basename = filename:
     head (builtins.match "^[a-zA-Z0-9]+-(.+)$" (baseNameOf filename));
 
-  format-json-file = filename: pkgs.stdenv.mkDerivation {
+  format-json-file = filename:
+    pkgs.stdenv.mkDerivation {
       name = "formatted-${get-basename filename}";
       phases = [ "installPhase" ];
-    buildInputs = with pkgs; [ python ];
+      buildInputs = with pkgs; [ python3 ];
       installPhase = "python -mjson.tool ${filename} > $out";
     };
 
-
   admin-passwd-file =
-    pkgs.lib.passwd.stablerandom-passwd-file
+    pkgs.lib.passwd.stablerandom-passwd-file "adguard-dns-proxy-admin"
-      "adguard-dns-proxy-admin"
     config.instance.build-seed;
 
   filterOpts = {
@@ -41,26 +40,15 @@ let
     };
   };
 
-  generate-config = { dns,
+  generate-config = { dns, http, filters, verbose, upstream-dns, bootstrap-dns
-                      http,
+    , blocked-hosts, enable-dnssec, local-domain-name, ... }: {
-                      filters,
-                      verbose,
-                      upstream-dns,
-                      bootstrap-dns,
-                      blocked-hosts,
-                      enable-dnssec,
-                      local-domain-name,
-                      ... }: {
       bind_host = http.listen-ip;
       bind_port = http.listen-port;
-    users = [
+      users = [{
-      {
         name = "admin";
-        password = pkgs.lib.passwd.bcrypt-passwd
+        password = pkgs.lib.passwd.bcrypt-passwd "adguard-dns-proxy-admin"
-          "adguard-dns-proxy-admin"
           admin-passwd-file;
-      }
+      }];
-    ];
       auth_attempts = 5;
       block_auth_min = 30;
       web_session_ttl = 720;
@@ -81,7 +69,7 @@ let
         url = filter.url;
       }) filters;
       dhcp.enabled = false;
-    clients = [];
+      clients = [ ];
       verbose = verbose;
       schema_version = 10;
     };
@@ -127,7 +115,8 @@ in {
       default = [
         {
           name = "AdGuard DNS filter";
-          url = "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt";
+          url =
+            "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt";
         }
         {
           name = "AdAway Default Blocklist";
@@ -147,11 +136,7 @@ in {
     blocked-hosts = mkOption {
       type = listOf str;
       description = "List of hosts to explicitly block.";
-      default = [
+      default = [ "version.bind" "id.server" "hostname.bind" ];
-        "version.bind"
-        "id.server"
-        "hostname.bind"
-      ];
     };
 
     enable-dnssec = mkOption {
@@ -193,7 +178,8 @@ in {
 
     allowed-networks = mkOption {
       type = nullOr (listOf str);
-      description = "Optional list of networks with which this job may communicate.";
+      description =
+        "Optional list of networks with which this job may communicate.";
       default = null;
     };
 
@@ -220,9 +206,7 @@ in {
         group = cfg.user;
       };
 
-      groups.${cfg.user} = {
+      groups.${cfg.user} = { members = [ cfg.user ]; };
-        members = [ cfg.user ];
-      };
     };
 
     fudo = {
@@ -234,10 +218,11 @@ in {
         };
       };
 
-      system.services.adguard-dns-proxy = let
+      system.services.adguard-dns-proxy =
-        cfg-path = "/run/adguard-dns-proxy/config.yaml";
+        let cfg-path = "/run/adguard-dns-proxy/config.yaml";
         in {
-        description = "DNS Proxy for ad filtering and DNS-over-HTTPS lookups.";
+          description =
+            "DNS Proxy for ad filtering and DNS-over-HTTPS lookups.";
           wantedBy = [ "default.target" ];
           after = [ "syslog.target" ];
           requires = [ "network.target" ];