Package Repositories
All Debian based systems use APT as package management tool. The list of repositories is defined in /etc/apt/sources.list and .list files found inside /etc/apt/sources.d/. Updates can be installed directly using apt-get, or via the GUI.
Apt sources.list files list one package repository per line, with the most preferred source listed first. Empty lines are ignored, and a # character anywhere on a line marks the remainder of that line as a comment. The information available from the configured sources is acquired by apt-get update.
deb http://ftp.debian.org/debian stretch main contrib # security updates deb http://security.debian.org stretch/updates main contrib
In addition, Proxmox VE provides three different package repositories.
Proxmox VE Enterprise Repository
This is the default, stable and recommended repository, available for all Proxmox VE subscription users. It contains the most stable packages, and is suitable for production use. The pve-enterprise repository is enabled by default:
deb https://enterprise.proxmox.com/debian/pve stretch pve-enterprise
As soon as updates are available, the root@pam user is notified via email about the available new packages. On the GUI, the change-log of each package can be viewed (if available), showing all details of the update. So you will never miss important security fixes.
Please note that and you need a valid subscription key to access this repository. We offer different support levels, and you can find further details at https://www.proxmox.com/en/proxmox-ve/pricing.
|
You can disable this repository by commenting out the above line using a # (at the start of the line). This prevents error messages if you do not have a subscription key. Please configure the pve-no-subscription repository in that case. |
Proxmox VE No-Subscription Repository
As the name suggests, you do not need a subscription key to access this repository. It can be used for testing and non-production use. Its not recommended to run on production servers, as these packages are not always heavily tested and validated.
We recommend to configure this repository in /etc/apt/sources.list.
deb http://ftp.debian.org/debian stretch main contrib # PVE pve-no-subscription repository provided by proxmox.com, # NOT recommended for production use deb http://download.proxmox.com/debian/pve stretch pve-no-subscription # security updates deb http://security.debian.org stretch/updates main contrib
Proxmox VE Test Repository
Finally, there is a repository called pvetest. This one contains the latest packages and is heavily used by developers to test new features. As usual, you can configure this using /etc/apt/sources.list by adding the following line:
deb http://download.proxmox.com/debian/pve stretch pvetest
|
the pvetest repository should (as the name implies) only be used for testing new features or bug fixes. |
SecureApt
We use GnuPG to sign the Release files inside those repositories, and APT uses that signatures to verify that all packages are from a trusted source.
The key used for verification is already installed if you install from our installation CD. If you install by other means, you can manually download the key with:
# wget http://download.proxmox.com/debian/proxmox-ve-release-5.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg
Please verify the checksum afterwards:
# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg ffb95f0f4be68d2e753c8875ea2f8465864a58431d5361e88789568673551501ae574283a4e0492f17d79dc67edfb173a56a6304dea39e01f249ebdabc9f074a /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg
or
# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg 511d36d0f1350c01c42a3dc9f3c27939 /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg
Proxmox VE 4.x Repositories
Proxmox VE 4.x is based on Debian 8.x (“jessie”). Please note that this release is out of date, and you should update your installation. Nevertheless, we still provide access to those repositories at our download servers.
| Repository | sources.list entry |
|---|---|
Proxmox VE 4.x Enterprise |
deb https://enterprise.proxmox.com/debian jessie pve-enterprise |
Proxmox VE 4.x No-Subscription |
deb http://download.proxmox.com/debian jessie pve-no-subscription |
Proxmox VE 4.x Test |
deb http://download.proxmox.com/debian jessie pvetest |
Proxmox VE 3.x Repositories
Proxmox VE 3.x is based on Debian 7.x (“wheezy”). Please note that this release is out of date, and you should update your installation. Nevertheless, we still provide access to those repositories at our download servers.
| Repository | sources.list entry |
|---|---|
Proxmox VE 3.x Enterprise |
deb https://enterprise.proxmox.com/debian wheezy pve-enterprise |
Proxmox VE 3.x No-Subscription |
deb http://download.proxmox.com/debian wheezy pve-no-subscription |
Proxmox VE 3.x Test |
deb http://download.proxmox.com/debian wheezy pvetest |
Outdated: stable Repository pve
This repository is a leftover to easy the update to 3.1. It will not get any updates after the release of 3.1. Therefore you need to remove this repository after you upgraded to 3.1.
deb http://ftp.debian.org/debian wheezy main contrib # PVE packages provided by proxmox.com - NO UPDATES after the initial release of 3.1 # deb http://download.proxmox.com/debian wheezy pve # security updates deb http://security.debian.org/ wheezy/updates main contrib
Outdated: Proxmox VE 2.x Repositories
Proxmox VE 2.x is based on Debian 6.0 (“squeeze”) and outdated. Please upgrade to latest version as soon as possible. In order to use the stable pve 2.x repository, check your sources.list:
deb http://ftp.debian.org/debian squeeze main contrib # PVE packages provided by proxmox.com deb http://download.proxmox.com/debian squeeze pve # security updates deb http://security.debian.org/ squeeze/updates main contrib
Outdated: Proxmox VE VE 1.x Repositories
Proxmox VE 1.x is based on Debian 5.0 (“lenny”) and very outdated. Please upgrade to latest version as soon as possible.
