Installation
============
-{pmg} is based on Debian and comes with an installation CD-ROM
-which includes a complete Debian ("buster" for version 6.x) system as
-well as all necessary {pmg} packages.
+{pmg} is based on Debian. This is why the install disk images (ISO files)
+provided by Proxmox include a complete Debian system as well as all necessary
+{pmg} packages.
-The installer just asks you a few questions, then partitions the local
-disk(s), installs all required packages, and configures the system
-including a basic network setup. You can get a fully functional system
-within a few minutes. This is the preferred and recommended
-installation method.
+TIP: See the xref:faq-support-table[support table in the FAQ] for the
+relationship between {pmg} releases and Debian releases.
-Alternatively, {pmg} can be installed on top of an existing Debian
-system. This option is only recommended for advanced users since
-it requires more detailed knowledge about {pmg} and Debian.
+The installer will guide you through the setup, allowing you to partition the local
+disk(s), apply basic system configurations (for example, timezone, language,
+network) and install all required packages. This process should not take more
+than a few minutes. Installing with the provided ISO is the recommended method
+for new and existing users.
+
+Alternatively, {pmg} can be installed on top of an existing Debian system. This
+option is only recommended for advanced users because detailed knowledge about
+{pmg} is required.
+
+include::pmg-installation-media.adoc[]
[[pmg_install_iso]]
Using the {pmg} Installation CD-ROM
-----------------------------------
-You can download the ISO from http://www.proxmox.com. It includes the
-following:
+The installer ISO image includes the following:
* Complete operating system (Debian Linux, 64-bit)
* The {pmg} installer, which partitions the hard drive(s) with ext4,
- ext3, xfs or ZFS and installs the operating system.
+ XFS or ZFS and installs the operating system
* Linux kernel
* Postfix MTA, ClamAV, Spamassassin and the {pmg} toolset
-* Web based management interface for using the toolset
+* Web-based management interface for using the toolset
+
+NOTE: All existing data on the for installation selected drives will be removed
+during the installation process. The installer does not add boot menu entries
+for other operating systems.
+
+Please insert the xref:installation_prepare_media[prepared installation media]
+(for example, USB flash drive or CD-ROM) and boot from it.
-Please burn the downloaded ISO image to a CD or create a
-xref:create_bootable_usb[bootable USB stick].
+TIP: Make sure that booting from the installation medium (for example, USB) is
+enabled in your server's firmware settings. Secure boot needs to be disabled
+when booting an installer prior to {pmg} version 8.1.
-Then insert the installation CD-ROM on the physical host where you want
-to install {pmg} and boot from that drive. Immediately afterwards you
-can choose the following menu options:
+[thumbnail="installer/pmg-grub-menu.png"]
-image::images/installer/pmg-grub-menu.png[]
+After choosing the correct entry (for example, Boot from USB) the {pmg} menu
+will be displayed, and one of the following options can be selected:
-Install {pmg}::
+Install {pmg} (Graphical)::
Start normal installation.
-Install {pmg} (Debug mode)::
+TIP: It's possible to use the installation wizard with a keyboard only. Buttons
+can be clicked by pressing the `ALT` key combined with the underlined character
+from the respective button. For example, `ALT + N` to press a `Next` button.
+
+Install {pmg} (Terminal UI)::
+
+Starts the terminal-mode installation wizard. It provides the same overall
+installation experience as the graphical installer, but has generally better
+compatibility with very old and very new hardware.
+
+Install {pmg} (Terminal UI, Serial Console)::
+
+Starts the terminal-mode installation wizard, additionally setting up the Linux
+kernel to use the (first) serial port of the machine for in- and output. This
+can be used if the machine is completely headless and only has a serial console
+available.
+
+[thumbnail="installer/pmg-tui-installer.png"]
+
+Both modes use the same code base for the actual installation process to
+benefit from more than a decade of bug fixes and ensure feature parity.
+
+TIP: The 'Terminal UI' option can be used in case the graphical installer does
+not work correctly, due to e.g. driver issues.
+
+Advanced Options: Install {pmg} (Graphical, Debug Mode)::
+
+Starts the installation in debug mode. A console will be opened at several
+installation steps. This helps to debug the situation if something goes wrong.
+To exit a debug console, press `CTRL-D`. This option can be used to boot a live
+system with all basic tools available. You can use it, for example, to repair a
+degraded ZFS 'rpool' or fix the bootloader for an existing {pmg} setup.
+
+Advanced Options: Install {pmg} (Terminal UI, Debug Mode)::
+
+Same as the graphical debug mode, but preparing the system to run the
+terminal-based installer instead.
-Start installation in debug mode. It opens a shell console at several
-installation steps, so that you can debug things if something goes
-wrong. Please press `CTRL-D` to exit those debug consoles and continue
-installation. This option is mostly for developers and not meant for
-general use.
+Advanced Options: Install {pmg} (Serial Console Debug Mode)::
-Rescue Boot::
+Same the terminal-based debug mode, but additionally sets up the Linux kernel to
+use the (first) serial port of the machine for in- and output.
-This option allows you to boot an existing installation. It searches
-all attached hard disks and, if it finds an existing installation,
-boots directly into that disk using the existing Linux kernel. This
-can be useful if there are problems with the boot block (grub), or the
-BIOS is unable to read the boot block from the disk.
+Advanced Options: Rescue Boot::
-Test Memory::
+With this option you can boot an existing installation. It searches all attached
+hard disks. If it finds an existing installation, it boots directly into that
+disk using the Linux kernel from the ISO. This can be useful if there are
+problems with the bootloader (GRUB/`systemd-boot`) or the BIOS/UEFI is unable to
+read the boot block from the disk.
-Runs `memtest86+`. This is useful to check if your memory is
-functional and error free.
+Advanced Options: Test Memory (memtest86+)::
-You normally select *Install {pmg}* to start the installation.
+Runs `memtest86+`. This is useful to check if the memory is functional and free
+of errors. Secure Boot must be turned off in the UEFI firmware setup utility to
+run this option.
-image::images/installer/pmg-select-target-disk.png[]
+You normally select *Install {pmg} (Graphical)* to start the installation.
-First step ist to read our EULA (End User License Agreement). After
-that you get prompted to select the target hard disk(s).
+[thumbnail="installer/pmg-select-target-disk.png"]
-NOTE: By default, the complete server is used and all existing data is
-removed.
+The first step is to read our EULA (End User License Agreement). Following
+this, you can select the target hard disk(s) for the installation.
+
+CAUTION: By default, the whole server is used and all existing data is removed.
+Make sure there is no important data on the server before proceeding with the
+installation.
The `Options` button lets you select the target file system, which
-defaults to `ext4`. The installer uses LVM if you select `ext3`,
-`ext4` or `xfs` as file system, and offers additional option to
+defaults to `ext4`. The installer uses LVM if you select
+`ext4` or `xfs` as a file system, and offers additional options to
restrict LVM space (see <<advanced_lvm_options,below>>)
-If you have more than one disk, you can also use ZFS as file system.
-ZFS supports several software RAID levels, so this is specially useful
+If you have more than one disk, you can also use ZFS as a file system.
+ZFS supports several software RAID levels, which is particularly useful
if you do not have a hardware RAID controller. The `Options` button
-lets you select the ZFS RAID level, and you can choose disks there.
+lets you choose the ZFS RAID level and select which disks will be used.
+
+WARNING: ZFS on top of any hardware RAID is not supported and can result in data
+loss.
-image::images/installer/pmg-select-location.png[]
+[thumbnail="installer/pmg-select-location.png"]
-The next page just ask for basic configuration options like your
-location, the time zone and keyboard layout. The location is used to
-select a download server near you to speedup updates. The installer is
-usually able to auto detect those setting, so you only need to change
-them in rare situations when auto detection fails, or when you want to
-use some special keyboard layout not commonly used in your country.
+The next page asks for basic configuration options like your
+location, timezone, and keyboard layout. The location is used to
+select a nearby download server, in order to increase the speed of updates.
+The installer is usually able to auto-detect these settings, so you only need to
+change them in rare situations when auto-detection fails, or when you want to
+use a keyboard layout not commonly used in your country.
-image::images/installer/pmg-set-password.png[]
+[thumbnail="installer/pmg-set-password.png", float="left"]
You then need to specify an email address and the superuser (root)
password. The password must have at least 5 characters, but we highly
recommend to use stronger passwords - here are some guidelines:
-- Use a minimum password length of 12 to 14 characters.
+- Use a minimum password length of at least 12 characters.
- Include lowercase and uppercase alphabetic characters, numbers and symbols.
or past) and biographical information (e.g., ID numbers, ancestors' names or
dates).
-It is sometimes necessary to send notification to the system
-administrator, for example:
+It is sometimes necessary to send notification to the system administrator, for
+example:
- Information about available package updates.
-- Error messages from periodic CRON jobs.
+- Error messages from periodic cron jobs.
-All those notification mails will be sent to the specified email
-address.
+[thumbnail="installer/pmg-setup-network.png"]
-image::images/installer/pmg-setup-network.png[]
+All those notification mails will be sent to the specified email address.
-The next step is the network configuration. Please note that you can
-use either IPv4 or IPv6 here, but not both. If you want to configure a
-dual stack node, you can easily do that after installation.
+The next step is the network configuration. Please note that you can use either
+IPv4 or IPv6 here, but not both. If you want to configure a dual stack node,
+you can easily do that after the installation.
-image::images/installer/pmg-summary.png[]
+[thumbnail="installer/pmg-installation.png", float="left"]
-If you press `Next`, you will see an overview of your entered
-configuration. Please re-check every setting, you can still use the `Previous`
-button to go back and edit any settings.
+When you press `Next`, you will see an overview of your entered configuration.
+Please re-check every setting, you can still use the `Previous` button to go
+back and edit any settings.
-If you press `Install` now, the installation process starts to format disks,
-and copies packages to the target disk(s).
+After clicking `Install`, the installer will begin to format and copy packages
+to the target disk(s).
-image::images/installer/pmg-installation.png[]
+[thumbnail="installer/pmg-summary.png"]
-Copying packages usually takes a few minutes. Please wait until that is
-finished, then reboot the server.
+Copying the packages usually takes several minutes, mostly depending on the
+speed of the installation medium and the target disk performance.
-Further configuration is done via the Proxmox web interface.
+When copying and setting up the packages has finished, you can reboot the
+server. This will be done automatically after a few seconds by default.
-[thumbnail="pmg-gui-login-window.png"]
+.Installation Failure
-Just point your browser to the IP address given during installation
-(https://youripaddress:8006).
+If the installation failed, check out specific errors on the second TTY
+(`CTRL + ALT + F2') and ensure that the systems meets the
+xref:install_minimal_requirements[minimum requirements].
-. Login and upload subscription key.
-+
-NOTE: Default login is "root" and the root password is
-defined during the installation process.
+If the installation is still not working, look at the xref:getting_help[how to
+get help chapter].
+
+
+Accessing the Management Interface Post-Installation
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+[thumbnail="screenshot/pmg-gui-login-window.png"]
+
+After a succesful installation and reboot of the system you can use the {pmg}
+web interface for further configuration.
+
+. Point your browser to the IP address given during the installation and port
+ 8006, for example: https://youripaddress:8006
+
+. Log in using the `root` username and the password chosen during installation.
+
+. Upload your subscription key to gain access to the Enterprise repository.
+ Otherwise, you will need to set up one of the public, less tested package
+ repositories to get updates for security fixes, bug fixes, and new features.
. Check the IP configuration and hostname.
-. Check and save the Time Zone.
+. Check the timezone.
. Check your xref:firewall_settings[Firewall settings].
-. Configure {pmg} to forward the incoming SMTP traffic to your Mail
+. Configure {pmg} to forward the incoming SMTP traffic to your mail
server ('Configuration/Mail Proxy/Default Relay') - 'Default
-Relay' is your e-mail server.
+Relay' is your email server.
-. Configure your e-mail server to send all outgoing messages through
+. Configure your email server to send all outgoing messages through
your {pmg} ('Smart Host', port 26 by default).
For detailed deployment scenarios see chapter
xref:chapter_deployment[Planning for Deployment].
-If the installation succeeds you have to route all your incoming and
-outgoing e-mail traffic to the Mail Gateway. For incoming traffic you
+After the installation, you have to route all your incoming and
+outgoing email traffic to {pmg}. For incoming traffic, you
have to configure your firewall and/or DNS settings. For outgoing
-traffic you need to change the existing e-mail server configuration.
+traffic you need to change the existing email server configuration.
[[advanced_lvm_options]]
`hdsize`::
-Defines the total HD size to be used. This way you can save free
-space on the HD for further partitioning (i.e. for an additional PV
-and VG on the same hard disk that can be used for LVM storage).
+Defines the total disk size to be used. This way you can save free
+space on the disk for further partitioning (i.e. for an additional PV
+and VG on the same disk that can be used for LVM storage).
`swapsize`::
Defines the size of the `swap` volume. The default is the size of the
-installed memory, minimum 4 GB and maximum 8 GB. The resulting value cannot
-be greater than `hdsize/8`.
+installed memory. The minimum is 4 GB and the maximum is 8 GB. The resulting
+value cannot be greater than `hdsize/8`.
`minfree`::
-Defines the amount of free space left in LVM volume group `pmg`.
-With more than 128GB storage available the default is 16GB, else `hdsize/8`
-will be used.
+Defines the amount of free space that should be left in the LVM volume group
+`pmg`. With more than 128GB storage available, the default is 16GB, otherwise
+`hdsize/8` will be used.
+
NOTE: LVM requires free space in the VG for snapshot creation (not
required for lvmthin snapshots).
ZFS Performance Tips
~~~~~~~~~~~~~~~~~~~~
-ZFS uses a lot of memory, so it is best to add additional RAM if you
-want to use ZFS. A good calculation is 4GB plus 1GB RAM for each TB
+ZFS works best with a lot of memory. If you intend to use ZFS make sure to have
+enough RAM available for it. A good calculation is 4GB plus 1GB RAM for each TB
RAW disk space.
-ZFS also provides the feature to use a fast SSD drive as write cache. The
-write cache is called the ZFS Intent Log (ZIL). You can add that after
-installation using the following command:
+ZFS can use a dedicated drive as write cache, called the ZFS Intent Log (ZIL).
+Use a fast drive (SSD) for it. It can be added after installation with the
+following command:
- zpool add <pool-name> log </dev/path_to_fast_ssd>
+----
+# zpool add <pool-name> log </dev/path_to_fast_ssd>
+----
+Adding the `nomodeset` Kernel Parameter
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-include::pmg-usbstick.adoc[]
+Problems may arise on very old or very new hardware due to graphics drivers. If
+the installation hangs during the boot. In that case, you can try adding the
+`nomodeset` parameter. This prevents the Linux kernel from loading any
+graphics drivers and forces it to continue using the BIOS/UEFI-provided
+framebuffer.
+On the {pmg} bootloader menu, navigate to 'Install {pmg} (Terminal UI)' and
+press `e` to edit the entry. Using the arrow keys, navigate to the line starting
+with `linux`, move the cursor to the end of that line and add the
+parameter `nomodeset`, separated by a space from the pre-existing last
+parameter.
+
+Then press `Ctrl-X` or `F10` to boot the configuration.
[[pmg_install_on_debian]]
Install {pmg} on Debian
{pmg} ships as a set of Debian packages, so you can install it
on top of a normal Debian installation. After configuring the
-repositories, you need to run:
+xref:pmg_package_repositories[package repositories], you need to run:
[source,bash]
----
-apt-get update
-apt-get install proxmox-mailgateway
+apt update
+apt install proxmox-mailgateway
----
-Installing on top of an existing Debian installation looks easy, but
-it presumes that you have correctly installed the base system, and you
+Installing on top of an existing Debian installation seems easy, but
+it assumes that you have correctly installed the base system, and you
know how you want to configure and use the local storage. Network
configuration is also completely up to you.
[[pmg_install_on_debian_container]]
-Install {pmg} as Linux Container Appliance
-------------------------------------------
+Install {pmg} as a Linux Container Appliance
+--------------------------------------------
-The full functionality of {pmg} can also run on top of a Debian-based LXC
+{pmg} can also run inside a Debian-based LXC
instance. In order to keep the set of installed software, and thus the
-necessary updates, minimal you can use the `proxmox-mailgateway-container`
-meta-package. It does not depend on any Linux Kernel, firmware, or components
-used for booting from bare-metal, like grub2.
+necessary updates minimal, you can use the `proxmox-mailgateway-container`
+meta-package. This does not depend on any Linux kernel, firmware, or components
+used for booting from bare-metal, like GRUB.
-A ready-to-use appliance template is available through the
-https://www.proxmox.com/proxmox-ve[Proxmox VE] appliance manager in the `mail`
-section, so if you already use Proxmox VE you can setup a {pmg} instance in a
-minute.
+A ready-to-use appliance template is available through the `mail` section of the
+https://www.proxmox.com/proxmox-virtual-environment/overview[Proxmox VE]
+appliance manager, so if you already use Proxmox VE, you can set up a {pmg}
+instance in minutes.
-NOTE: It's recommended to use a static network configuration. If DHCP should be
-used ensure that the container can always lease the same IP, for example, by
-reserving one with the containers network MAC address.
+NOTE: It's recommended to use a static network configuration. If DHCP must be
+used, ensure that the container always leases the same IP, for example, by
+reserving one with the container's network MAC address.
-Additionally you can also install this on top of a normal Debian installation.
-After configuring the repositories, you need to run:
+Additionally, you can install this on top of a container-based Debian
+installation. After configuring the
+xref:pmg_package_repositories[package repositories], you need to run:
[source,bash]
----
-apt-get update
-apt-get install proxmox-mailgateway-container
+apt update
+apt install proxmox-mailgateway-container
----
-
[[pmg_package_repositories]]
Package Repositories
--------------------
-All {debian} based systems use
-http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package
-management tool. The list of repositories is defined in
-`/etc/apt/sources.list` and `.list` files found inside
-`/etc/apt/sources.d/`. Updates can be installed directly using
-`apt-get`, or via the GUI.
+{pmg} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its
+package management tool like any other Debian-based system.
-Apt `sources.list` files list one package repository per line, with
-the most preferred source listed first. Empty lines are ignored, and a
-`#` character anywhere on a line marks the remainder of that line as a
-comment. The information available from the configured sources is
-acquired by `apt-get update`.
+Repositories in {pmg}
+~~~~~~~~~~~~~~~~~~~~~
+
+Repositories are a collection of software packages. They can be used to install
+new software, but are also important to get new updates.
+
+NOTE: You need valid Debian and Proxmox repositories to get the latest
+security updates, bug fixes and new features.
+
+APT Repositories are defined in the file `/etc/apt/sources.list` and in `.list`
+files placed in `/etc/apt/sources.list.d/`.
+
+Repository Management
+^^^^^^^^^^^^^^^^^^^^^
+
+[thumbnail="screenshot/pmg-gui-admin-repositories.png"]
+
+Since {pmg} 7.0 you can check the repository state in the web interface. The
+'Dashboard' shows a high level status overview, while the separate 'Repository'
+panel (accessible via 'Administration') shows in-depth status and list of all
+configured repositories.
+
+Basic repository management, for example, activating or deactivating a
+repository, is also supported.
+
+Sources.list
+^^^^^^^^^^^^
+
+In a `sources.list` file, each line defines a package repository. The preferred
+source must come first. Empty lines are ignored. A `#` character anywhere on a
+line marks the remainder of that line as a comment. The available packages from
+a repository are acquired by running `apt update`. Updates can be installed
+directly using `apt`, or via the GUI (Administration -> Updates).
.File `/etc/apt/sources.list`
----
-deb http://ftp.debian.org/debian buster main contrib
-
-deb http://ftp.debian.org/debian buster-updates main contrib
+# basic Debian repositories:
+deb http://deb.debian.org/debian bookworm main contrib
+deb http://deb.debian.org/debian bookworm-updates main contrib
# security updates
-deb http://security.debian.org/debian-security buster/updates main contrib
+deb http://security.debian.org/debian-security bookworm-security main contrib
+
+# Proxmox Mail Gateway repo required too - see below!
----
-// FIXME for 7.0: change security update suite to bullseye-security
-In addition, {pmg} provides three different package repositories.
+{pmg} provides three different package repositories.
{pmg} Enterprise Repository
.File `/etc/apt/sources.list.d/pmg-enterprise.list`
----
-deb https://enterprise.proxmox.com/debian/pmg buster pmg-enterprise
+deb https://enterprise.proxmox.com/debian/pmg bookworm pmg-enterprise
----
As soon as updates are available, the `root@pam` user is notified via
-email about the available new packages. On the GUI, the change-log of
+email about the newly available packages. From the GUI, the change-log of
each package can be viewed (if available), showing all details of the
-update. So you will never miss important security fixes.
+update. Thus, you will never miss important security fixes.
-Please note that and you need a valid subscription key to access this
-repository. We offer different support levels, and you can find further
-details at {pricing-url}.
+Please note that you need a valid subscription key to access this
+repository. We offer different support levels, which you can find further
+details about at {pricing-url}.
NOTE: You can disable this repository by commenting out the above line
-using a `#` (at the start of the line). This prevents error messages
+using a `#` (at the start of the line). This prevents error messages,
if you do not have a subscription key. Please configure the
-`pmg-no-subscription` repository in that case.
+`pmg-no-subscription` repository in this case.
{pmg} No-Subscription Repository
As the name suggests, you do not need a subscription key to access
this repository. It can be used for testing and non-production
-use. Its not recommended to run on production servers, as these
+use. It's not recommended to use this on production servers, as these
packages are not always heavily tested and validated.
-We recommend to configure this repository in `/etc/apt/sources.list`.
+We recommend configuring this repository in `/etc/apt/sources.list`.
.File `/etc/apt/sources.list`
----
-deb http://ftp.debian.org/debian buster main contrib
+deb http://ftp.debian.org/debian bookworm main contrib
+deb http://ftp.debian.org/debian bookworm-updates main contrib
+
+# security updates
+deb http://security.debian.org/debian-security bookworm-security main contrib
# PMG pmg-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
-deb http://download.proxmox.com/debian/pmg buster pmg-no-subscription
-
-# security updates
-deb http://security.debian.org/debian-security buster/updates main contrib
+deb http://download.proxmox.com/debian/pmg bookworm pmg-no-subscription
----
{pmg} Test Repository
~~~~~~~~~~~~~~~~~~~~~
-Finally, there is a repository called `pmgtest`. This one contains the
-latest packages and is heavily used by developers to test new
-features. As usual, you can configure this using
+Finally, there is a repository called `pmgtest`. This contains the
+latest packages, and is heavily used by developers to test new
+features. As with before, you can configure this using
`/etc/apt/sources.list` by adding the following line:
.sources.list entry for `pmgtest`
----
-deb http://download.proxmox.com/debian/pmg buster pmgtest
+deb http://download.proxmox.com/debian/pmg bookworm pmgtest
----
-WARNING: the `pmgtest` repository should (as the name implies) only be used
+WARNING: the `pmgtest` repository should only be used
for testing new features or bug fixes.
SecureApt
~~~~~~~~~
-We use GnuPG to sign the `Release` files inside those repositories,
-and APT uses that signatures to verify that all packages are from a
+We use GnuPG to sign the `Release` files inside these repositories,
+and APT uses these signatures to verify that all packages are from a
trusted source.
-The key used for verification is already installed if you install from
-our installation CD. If you install by other means, you can manually
-download the key with:
+The key used for verification is already installed, if you install from
+our installation CD. If you install via another means, you can manually
+download the key by executing the following command as root user:
- # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
+----
+ # wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
+----
-Please verify the checksum afterwards:
+Verify the checksum afterwards with the `sha512sum` CLI tool:
----
-# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
-acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
+# sha512sum /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
+7da6fe34168adc6e479327ba517796d4702fa2f8b4f0a9833f5ea6e6b48f6507a6da403a274fe201595edc86a84463d50383d07f64bdde2e3658108db7d6dc87 /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
----
-or
+or the `md5sum` CLI tool:
+
+----
+# md5sum /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
+41558dc019ef90bd0f6067644a51cf5b /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
+----
+
+
+Debian Non-Free Repository
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Certain software cannot be made available in the `main` and `contrib`
+areas of the {debian} archives, since it does not adhere to the Debian
+Free Software Guidelines (DFSG). These are distributed in the
+{debian_nonfree_archive_area}. For {pmg} two packages from the `non-free` area
+are needed in order to support the RAR archive format:
+
+* `p7zip-rar` for matching xref:pmg_mailfilter_what[Archive Objects] in the
+ xref:chapter_mailfilter[Rule system]
+
+* `libclamunrar` for detecting viruses in RAR archives.
+
+To enable the `non-free` component, run `editor /etc/apt/sources.list` and
+append `non-free` to the end of each `.debian.org` repository line.
+
+Following this, you can install the required packages with:
----
-# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
-f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
+apt update
+apt install libclamunrar p7zip-rar
----
+[[pmg_debian_firmware_repo]]
+Debian Firmware Repository
+~~~~~~~~~~~~~~~~~~~~~~~~~
+Starting with Debian Bookworm ({pmg} 8) non-free firmware (as defined by
+https://www.debian.org/social_contract#guidelines[DFSG]) has been moved to the
+newly created Debian repository component `non-free-firmware`.
+
+Enable this repository if you want to set up
+xref:pmg_firmware_cpu[Early OS Microcode Updates] or need additional
+xref:pmg_firmware_runtime_files[Runtime Firmware Files] not already included in
+the pre-installed package `pve-firmware`.
+
+To be able to install packages from this component, run
+`editor /etc/apt/sources.list`, append `non-free-firmware` to the end of each
+`.debian.org` repository line and run `apt update`.
projects / pmg-docs.git / blobdiff