users: remove `users.forceRecreate` option

1 files changed, 18 insertions, 60 deletions

diff --git a/modules/users/default.nix b/modules/users/default.nix
index 92c0cd8..58156d2 100644
--- a/modules/users/default.nix
+++ b/modules/users/default.nix
@@ -41,6 +41,10 @@ let
 in
 
 {
+  imports = [
+    (lib.mkRemovedOptionModule [ "users" "forceRecreate" ] "")
+  ];
+
   options = {
     users.knownGroups = mkOption {
       type = types.listOf types.str;
@@ -85,13 +89,6 @@ in
       type = types.attrsOf types.str;
       default = {};
     };
-
-    users.forceRecreate = mkOption {
-      internal = true;
-      type = types.bool;
-      default = false;
-      description = "Remove and recreate existing groups/users.";
-    };
   };
 
   config = {
@@ -152,33 +149,11 @@ in
         fi
       }
 
-      ensureDeletable() {
-        # TODO: add `darwin.primaryUser` as well
-        if [[ "$1" == "$USER" ]]; then
-          printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', "$1"
-          exit 1
-        elif [[ "$1" == "root" ]]; then
-          printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
-          exit 1
-        fi
-
-        ensurePerms "$1" delete
-      }
 
       ${concatMapStringsSep "\n" (v: let
         name = lib.escapeShellArg v.name;
         dsclUser = lib.escapeShellArg "/Users/${v.name}";
       in ''
-        ${optionalString cfg.forceRecreate ''
-          u=$(id -u ${name} 2> /dev/null) || true
-          if [[ "$u" -eq ${toString v.uid} ]]; then
-            # TODO: add `darwin.primaryUser` as well
-            if [[ ${name} != "$USER" && ${name} != "root" ]]; then
-              ensureDeletable ${name}
-            fi
-          fi
-        ''}
-
         u=$(id -u ${name} 2> /dev/null) || true
         if ! [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
           if [ -z "$u" ]; then
@@ -203,11 +178,22 @@ in
         fi
       '') createdUsers}
 
-      ${concatMapStringsSep "\n" (name: ''
-        u=$(id -u ${lib.escapeShellArg name} 2> /dev/null) || true
+      ${concatMapStringsSep "\n" (v: let
+        name = lib.escapeShellArg v;
+      in ''
+        u=$(id -u ${name} 2> /dev/null) || true
         if [ -n "$u" ]; then
           if [ "$u" -gt 501 ]; then
-            ensureDeletable ${lib.escapeShellArg name}
+            # TODO: add `darwin.primaryUser` as well
+            if [[ ${name} == "$USER" ]]; then
+              printf >&2 '\e[1;31merror: refusing to delete the user calling `darwin-rebuild` (%s), aborting activation\e[0m\n', ${name}
+              exit 1
+            elif [[ ${name} == "root" ]]; then
+              printf >&2 '\e[1;31merror: refusing to delete `root`, aborting activation\e[0m\n'
+              exit 1
+            fi
+
+            ensurePerms ${name} delete
           fi
         fi
       '') deletedUsers}
@@ -219,17 +205,6 @@ in
       ${concatMapStringsSep "\n" (v: let
         dsclGroup = lib.escapeShellArg "/Groups/${v.name}";
       in ''
-        ${optionalString cfg.forceRecreate ''
-          g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
-          g=''${g#PrimaryGroupID: }
-          if [[ "$g" -eq ${toString v.gid} ]]; then
-            echo "deleting group ${v.name}..." >&2
-            dscl . -delete ${dsclGroup}
-          else
-            echo "warning: existing group '${v.name}' has unexpected gid $g, skipping..." >&2
-          fi
-        ''}
-
         g=$(dscl . -read ${dsclGroup} PrimaryGroupID 2> /dev/null) || true
         g=''${g#PrimaryGroupID: }
         if [ -z "$g" ]; then
@@ -273,23 +248,6 @@ in
         name = lib.escapeShellArg v.name;
         dsclUser = lib.escapeShellArg "/Users/${v.name}";
       in ''
-        ${optionalString cfg.forceRecreate ''
-          u=$(id -u ${name} 2> /dev/null) || true
-          if [[ "$u" -eq ${toString v.uid} ]]; then
-            # TODO: add `darwin.primaryUser` as well
-            if [[ ${name} == "$SUDO_USER" ]]; then
-              printf >&2 'warning: not going to recreate the user calling `darwin-rebuild` (%s), skipping...\n' "$SUDO_USER"
-            elif [[ ${name} == "root" ]]; then
-              printf >&2 'warning: not going to recreate root, skipping...\n'
-            else
-              printf >&2 'deleting user ${v.name}...\n'
-              dscl . -delete ${dsclUser}
-            fi
-          else
-            echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2
-          fi
-        ''}
-
         u=$(id -u ${name} 2> /dev/null) || true
         if [[ -n "$u" && "$u" -ne "${toString v.uid}" ]]; then
           echo "warning: existing user '${v.name}' has unexpected uid $u, skipping..." >&2