repair nixbld users on macOS and rebase their uids

repair_nixbld_users.fish

#!/usr/bin/env fish

# don't blindly run this :-)

set -l uid_base 1000

function local_dscl
  dscl . $argv; or exit 1
end

set -l nixbld_gid (local_dscl cat /Groups/nixbld PrimaryGroupID | string match -r "\d+"; or exit 1)
echo "[*] nixbld gid is $nixbld_gid (allegedly)"

# ???: is 32 always the upper bound?
for n in (seq 1 32)
  set -l build_user_name _nixbld$n
  set -l new_build_user_uid (math $uid_base + $n)
  set -l ds_path /Users/$build_user_name

  # users can exist in directory services but not to posix if the information
  # isn't valid
  if id $build_user_name >/dev/null 2>&1
    # user exists, modify uid
    set -l current_build_user_uid (local_dscl cat $ds_path UniqueID | string match -r "\d+")
    set_color blue; echo "[*] $ds_path exists, forcing its uid from $current_build_user_uid to $new_build_user_uid"; set_color normal
    local_dscl -create $ds_path UniqueID $new_build_user_uid
  else
    set_color red; echo "[*] $ds_path doesn't exist, creating with uid $new_build_user_uid"; set_color normal
    # https://github.com/DeterminateSystems/nix-installer/blob/1998fe1a1f9297e66d1041b51f1eb24e10af8cd1/src/action/base/create_user.rs#L132
    local_dscl -create $ds_path
    local_dscl -create $ds_path UniqueID $new_build_user_uid
    local_dscl -create $ds_path PrimaryGroupID $nixbld_gid
    local_dscl -create $ds_path RealName $build_user_name
    local_dscl -create $ds_path NFSHomeDirectory /var/empty
    local_dscl -create $ds_path UserShell /sbin/nologin
    local_dscl -create $ds_path IsHidden 1
  end
end

# assume /Groups/nixbld GroupMembership is correct