<vcunat>
I'm afraid Java experts are rare among Nixpkgs contributors.
<andi->
:D
<andi->
maybe that is even a good thing...
<andi->
imagine having to mirror maven..
orivej has joined #nixos-aarch64
orivej has quit [Ping timeout: 276 seconds]
<vcunat>
BTW, gcj is slowly dying apparently (removed upstream from gcc-7).
<andi->
i know
<andi->
but it is the only option to get a jre bootstrapped somehow :/
<andi->
i am not sure how the java people imagine bootstrapping for different archs..
<vcunat>
Oh. I don't know that.
<andi->
the path I discovered so far is: gcj -> icedtea flavored openjdk6 -> openjdk7 -> openjdk8 ...
<andi->
icedtea for openjdk6 is no longer maintained.. so just matter of years before that dies out as well
<vcunat>
On x86 Linux we use binaries from dropbox :-)
<andi->
yes.. i've been trying to get rid of them as well
<vcunat>
I suppose bigger languages often do this - eventually relying on compilers written in the same language, and that makes them more difficult to bootstrap from other languages...
<andi->
yes, but look at go they at least try to stay bootstrappable from an earlier version + gcc
jtojnar has joined #nixos-aarch64
<vcunat>
It does have advantages. Especially it isn't good when you only can bootstrap a compiler by the same compiler (vendor lock-in, kind of).
<vcunat>
Maybe it would be worth to boostrap some platform-language pairs via cross-compilation from x86_64
<andi->
yep, but not like now with some images that can't really be reproduced
<gchristensen>
it would be ideal to have some sort of docs on how to rebuild bootstraps
<arianvp>
I'm really kind of surprised the bootstrapping story for java is so crappy
<arianvp>
it being advertised first and foremost as "CROSS PLATFORM!"
<andi->
m(
<andi->
and it runs on a scary number of devices
<arianvp>
There's a JRE in Intel ME!
<andi->
are you kidding me?!?
<arianvp>
Nope. there's an entire java virtual machine in the ME
* andi-
goes back to soldering transitors
<arianvp>
Also, there's a java virtual machine in every gemalto smartcard
<arianvp>
but yeh there are also "features" like the fact that it is a network connected coprocessor with Ring -2 access
<andi->
I actually do not care about the ME that much.. I just hate it that there is virtually no option for a proper personal computer that doesn't run Intel foo
<gchristensen>
arianvp: does that let you do things like iLO / DRAC but ... in the cPU?
<andi->
thats AMT
<andi->
power cycle, serial, maybe even remote screen/monitor and media (haven't checked that in a few years)
<andi->
btw. arianvp are you coming to FOSDEM this year?
<gchristensen>
whoa
<gchristensen>
I should look in to AMT :)
<andi->
gchristensen: keep in mind that AMT had the track record of accepting zero-byte length passwords
<andi->
gchristensen: they messed the strncmp parameter up
<gchristensen>
then I should _definitely_ look in to AMT :)
<andi->
and a diode probably + an esp8266 thats somewhere here
orivej has quit [Ping timeout: 252 seconds]
orivej has joined #nixos-aarch64
<flokli>
gchristensen: The guidelines look good for me.
<flokli>
Thanks for writing this together :-)
<gchristensen>
yeah :) I've been meaning to, I'd hate for someone to get hurt
<jtojnar>
gchristensen: If I understand it correctly, the issue is just about aarch64 derivations? For example, I want to build a Pull Request to test it on my RPi but before another trusted user places a built output with a trojan horse into the store.
<jtojnar>
Or can they somehow inject another x86_64 dependency and poison my local store that way?
<gchristensen>
hmm
<jtojnar>
I am not familiar with the low level Nix details yet
<gchristensen>
I ... don't know
orivej has quit [Ping timeout: 256 seconds]
<gchristensen>
let me ask around
<sphalerite>
gchristensen: pong. Will read :)
<flokli>
gchristensen: regarding the tracking aarch64-issue, do we already have a checklist what's missing?
<sphalerite>
gchristensen: I don't think the bit about it requiring trusted-users is correct, I've built stuff through the daemon using the community box as a remote builder
<gchristensen>
you are a trusted user, sphalerite
<andi->
thats exactly it, isn't it?
<gchristensen>
you have to be trusted on the remote builder, and you are
<gchristensen>
make sense, sphalerite?
<sphalerite>
gchristensen: oooh I misread it then, I thought I needed to be in trusted-users locally to use it
* gchristensen
will clarify
<gchristensen>
updated, make more sense sphalerite?
<gchristensen>
oops, not updated yet
<gchristensen>
ok now updated
orivej has joined #nixos-aarch64
<sphalerite>
Yep that's clearer :)
<gchristensen>
good :D
<gchristensen>
on one hand, the readme is getting a bit long.
<gchristensen>
on the other hand, it is critical to know almost literally everything in it
orivej has quit [Ping timeout: 240 seconds]
<arianvp>
andi-: yeh i'll be at FOSDEM
<arianvp>
:)
<andi->
arianvp: nice, see you there then ;-)
<arianvp>
will try not to outdrink myself during the pre-party this time ...
<arianvp>
that damn delirium cafe
<arianvp>
:)
<andi->
hrhr
<sphalerite>
gchristensen: you can tick me off on the issue as well :)
<gchristensen>
ah thank you :)
<gchristensen>
there is something heart-warming and nostalgic about operating these little systems over serial
<Dezgeg>
gchristensen: yup, read
orivej has joined #nixos-aarch64
<gchristensen>
great, thanks!
<gchristensen>
if anyone here is ready to make bootstrap images that are going to be used long-term, I can arrange for you to have access to a safe version of the remote builder for that purpose, for a short time
<Dezgeg>
what do you mean by bootstrap?
<gchristensen>
like bootstrap-tools that are used to bootstrap nixpkgs on the architecture
<gchristensen>
or the bootstrap files for java
<Dezgeg>
right, there is already a hydra job for bootstrap tools
<gchristensen>
great
<Dezgeg>
perhaps they should be hosted on nixos.org, btw :P
<gchristensen>
I would like that
orivej has quit [Ping timeout: 264 seconds]
<gchristensen>
true - do nothing, successfully
<LnL>
aren’t they stored on tarballs.nixos.org?
<vcunat>
java boostrap tools are on dropbox
<vcunat>
(openjdk, I mean)
<sphalerite>
Yeah... Feels nasty
<sphalerite>
I guess there's not *really* anything wrong with it since we pin the contents, but it's still not nice
<Dezgeg>
arm/aarch64 bootstraps are on nixos-arm.dezgeg.me
<gchristensen>
w00t I got my odroid here netbooting by default, now to generate that image ..
<samueldr>
\o/
<arianvp>
nice
<arianvp>
I'm typing this on my odroid now :)
<arianvp>
what do you mean by generating an image? I just used the arm7l image
<samueldr>
a netboot image I gues
<gchristensen>
yeah, I like using netboot because it feels like magic
<gchristensen>
I think I lied, I didn't get it working. it seems the setup is quite a bit more complex than I thought
<arianvp>
fwiw
<arianvp>
dnsmasq comes built in with an iPXE server
<gchristensen>
I have a bunch of machines here booting with ipxe :)
grahamc has quit [*.net *.split]
vcunat has quit [Quit: Leaving.]
grahamc has joined #nixos-aarch64
* andi-
is sufficiently annoyed by java
<andi->
I started re-using the debian jdk's now
<andi->
seems promising
<andi->
at least to create a "reproducible" chain of derivations to get a bootstrap output
<andi->
but now I am having fun with paxmark (still testing on x86) m(
<arianvp>
gchristensen: do your USB3 ports work? They work on Ubuntu but not on Nixos for me. On odroid
<gchristensen>
I haven't tried I stopped trying to boot it for a bit
<andi->
surprising how bad the single-thread xz performance on the community box is :/
<gchristensen>
its only 2.0ghz
<andi->
yeah, but I mean more like it is 2-3x from what my ~3y old notebook takes
<andi->
but not complaining :D
<andi->
if this works out we have java on aarch64..
<gchristensen>
nice :D
<andi->
for whatever reason
<arianvp>
niiice
<gchristensen>
might have other deficites
<gchristensen>
like apparently the community builder is an in-order processor