Package Repositories

From Proxmox VE
(Redirected from Package repositories)
Jump to: navigation, search

All Debian based systems use APT as package management tool. The list of repositories is defined in /etc/apt/sources.list and .list files found inside /etc/apt/sources.d/. Updates can be installed directly using apt-get, or via the GUI.

Apt sources.list files list one package repository per line, with the most preferred source listed first. Empty lines are ignored, and a # character anywhere on a line marks the remainder of that line as a comment. The information available from the configured sources is acquired by apt-get update.

File /etc/apt/sources.list
deb http://ftp.debian.org/debian jessie main contrib

# security updates
deb http://security.debian.org jessie/updates main contrib

In addition, Proxmox VE provides three different package repositories.

Proxmox VE Enterprise Repository

This is the default, stable and recommended repository, available for all Proxmox VE subscription users. It contains the most stable packages, and is suitable for production use. The pve-enterprise repository is enabled by default:

File /etc/apt/sources.list.d/pve-enterprise.list
deb https://enterprise.proxmox.com/debian jessie pve-enterprise

As soon as updates are available, the root@pam user is notified via email about the available new packages. On the GUI, the change-log of each package can be viewed (if available), showing all details of the update. So you will never miss important security fixes.

Please note that and you need a valid subscription key to access this repository. We offer different support levels, and you can find further details at http://www.proxmox.com/en/proxmox-ve/pricing.

Note You can disable this repository by commenting out the above line using a # (at the start of the line). This prevents error messages if you do not have a subscription key. Please configure the pve-no-subscription repository in that case.

Proxmox VE No-Subscription Repository

As the name suggests, you do not need a subscription key to access this repository. It can be used for testing and non-production use. Its not recommended to run on production servers, as these packages are not always heavily tested and validated.

We recommend to configure this repository in /etc/apt/sources.list.

File /etc/apt/sources.list
deb http://ftp.debian.org/debian jessie main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian jessie pve-no-subscription

# security updates
deb http://security.debian.org jessie/updates main contrib

Proxmox VE Test Repository

Finally, there is a repository called pvetest. This one contains the latest packages and is heavily used by developers to test new features. As usual, you can configure this using /etc/apt/sources.list by adding the following line:

sources.list entry for pvetest
deb http://download.proxmox.com/debian jessie pvetest
Warning the pvetest repository should (as the name implies) only be used for testing new features or bug fixes.

SecureApt

We use GnuPG to sign the Release files inside those repositories, and APT uses that signatures to verify that all packages are from a trusted source.

The key used for verification is already installed if you install from our installation CD. If you install by other means, you can manually download the key with:

# wget http://download.proxmox.com/debian/key.asc

Please verify the fingerprint afterwards:

# gpg --with-fingerprint key.asc
pub  1024D/9887F95A 2008-10-28 Proxmox Release Key <proxmox-release@proxmox.com>
      Key fingerprint = BE25 7BAA 5D40 6D01 157D  323E C23A C7F4 9887 F95A
sub  2048g/A87A1B00 2008-10-28

If this shows the exact same fingerprint, you can add the key to the list of trusted APT keys:

# apt-key add key.asc

Proxmox VE 3.x Repositories

Proxmox VE 3.x is based on Debian 7.x (“wheezy”). Please note that this release is out of date, and you should update your installation. Nevertheless, we still provide access to those repositories at our download servers.

Repository sources.list entry

Proxmox VE 3.x Enterprise

deb https://enterprise.proxmox.com/debian wheezy pve-enterprise

Proxmox VE 3.x No-Subscription

deb http://download.proxmox.com/debian wheezy pve-no-subscription

Proxmox VE 3.x Test

deb http://download.proxmox.com/debian wheezy pvetest

Note Apt sources.list configuration files are basically the same as in newer 4.x versions - just replace jessie with wheezy.

Outdated: stable Repository pve

This repository is a leftover to easy the update to 3.1. It will not get any updates after the release of 3.1. Therefore you need to remove this repository after you upgraded to 3.1.

File /etc/apt/sources.list
deb http://ftp.debian.org/debian wheezy main contrib

# PVE packages provided by proxmox.com - NO UPDATES after the initial release of 3.1
# deb http://download.proxmox.com/debian wheezy pve

# security updates
deb http://security.debian.org/ wheezy/updates main contrib

Outdated: Proxmox VE 2.x Repositories

Proxmox VE 2.x is based on Debian 6.0 (“squeeze”) and outdated. Please upgrade to latest version as soon as possible. In order to use the stable pve 2.x repository, check your sources.list:

File /etc/apt/sources.list
deb http://ftp.debian.org/debian squeeze main contrib

# PVE packages provided by proxmox.com
deb http://download.proxmox.com/debian squeeze pve

# security updates
deb http://security.debian.org/ squeeze/updates main contrib

Outdated: Proxmox VE VE 1.x Repositories

Proxmox VE 1.x is based on Debian 5.0 (“lenny”) and very outdated. Please upgrade to latest version as soon as possible.