darwin.builder: prefer shutting down over halting VM (#208450)

This is preferable because it prevents things like disk corruption (requiring the user to delete the disk image when starting up) that I consistently ran into.
2023-01-02 10:36:41 -05:00 · 2023-01-02 10:36:41 -05:00 · 15013b3054
parent f18a89197a
commit 15013b3054
2 changed files with 23 additions and 10 deletions
--- a/doc/builders/special/darwin-builder.section.md
+++ b/doc/builders/special/darwin-builder.section.md
@ -39,7 +39,8 @@ nixos login:
 ```

 > Note: When you need to stop the VM, type `Ctrl`-`a` + `c` to open the `qemu`
-> prompt and then type `quit` followed by `Enter`
+> prompt and then type `system_powerdown` followed by `Enter`, or run `shutdown now`
+> as the `builder` user (e.g. `ssh -i keys/builder_ed25519 builder@localhost shutdown now`)

 To delegate builds to the remote builder, add the following options to your
 `nix.conf` file:
--- a/nixos/modules/profiles/macos-builder.nix
+++ b/nixos/modules/profiles/macos-builder.nix
@ -9,7 +9,8 @@ let

 in

-{ imports = [
+{
+  imports = [
    ../virtualisation/qemu-vm.nix

    # Avoid a dependency on stateVersion
@ -18,8 +19,7 @@ in
        ../virtualisation/nixos-containers.nix
        ../services/x11/desktop-managers/xterm.nix
      ];
-      config = {
-      };
+      config = { };
      options.boot.isContainer = lib.mkOption { default = false; internal = true; };
    }
  ];
@ -98,11 +98,11 @@ in
      '';

    in
-      script.overrideAttrs (old: {
-        meta = (old.meta or { }) // {
-          platforms = lib.platforms.darwin;
-        };
-      });
+    script.overrideAttrs (old: {
+      meta = (old.meta or { }) // {
+        platforms = lib.platforms.darwin;
+      };
+    });

  system = {
    # To prevent gratuitous rebuilds on each change to Nixpkgs
@ -118,10 +118,22 @@ in
    '');
  };

-  users.users."${user}"= {
+  users.users."${user}" = {
    isNormalUser = true;
  };

+  security.polkit.enable = true;
+
+  security.polkit.extraConfig = ''
+    polkit.addRule(function(action, subject) {
+      if (action.id === "org.freedesktop.login1.power-off" && subject.user === "${user}") {
+        return "yes";
+      } else {
+        return "no";
+      }
+    })
+  '';
+
  virtualisation = {
    diskSize = 20 * 1024;