X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-package-repos.adoc;h=4fcf14704092ab950a301bb9d54e3bcfcd9e0a3b;hb=921926036a9bb3824833ca705e68a45a66f38f09;hp=8c503245b3ff9908018097454f6ed6edcfe0cd90;hpb=33e0c9650464802a2ce5ccf16080fdad23e769a5;p=pve-docs.git diff --git a/pve-package-repos.adoc b/pve-package-repos.adoc index 8c50324..4fcf147 100644 --- a/pve-package-repos.adoc +++ b/pve-package-repos.adoc @@ -5,18 +5,16 @@ ifdef::wiki[] :pve-toplevel: endif::wiki[] -All Debian based systems use -http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package -management tool. The list of repositories is defined in -`/etc/apt/sources.list` and `.list` files found inside -`/etc/apt/sources.d/`. Updates can be installed directly using -`apt-get`, or via the GUI. - -Apt `sources.list` files list one package repository per line, with -the most preferred source listed first. Empty lines are ignored, and a -`#` character anywhere on a line marks the remainder of that line as a -comment. The information available from the configured sources is -acquired by `apt-get update`. +{pve} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its +package management tool like any other Debian-based system. Repositories are +defined in the file `/etc/apt/sources.list` and in `.list` files placed in +`/etc/apt/sources.list.d/`. + +Each line defines a package repository. The preferred source must come first. +Empty lines are ignored. A `#` character anywhere on a line marks the remainder +of that line as a comment. The available packages from a repository are acquired +by running `apt-get update`. Updates can be installed directly using `apt-get`, +or via the GUI. .File `/etc/apt/sources.list` ---- @@ -24,48 +22,44 @@ deb http://ftp.debian.org/debian buster main contrib deb http://ftp.debian.org/debian buster-updates main contrib # security updates -deb http://security.debian.org buster/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- +// FIXME for 7.0: change security update suite to bullseye-security -In addition, {pve} provides three different package repositories. +{pve} additionally provides three different package repositories. [[sysadmin_enterprise_repo]] {pve} Enterprise Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This is the default, stable and recommended repository, available for -all {pve} subscription users. It contains the most stable packages, -and is suitable for production use. The `pve-enterprise` repository is -enabled by default: +This is the default, stable, and recommended repository, available for all {pve} +subscription users. It contains the most stable packages and is suitable for +production use. The `pve-enterprise` repository is enabled by default: .File `/etc/apt/sources.list.d/pve-enterprise.list` ---- deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise ---- -As soon as updates are available, the `root@pam` user is notified via -email about the available new packages. On the GUI, the change-log of -each package can be viewed (if available), showing all details of the -update. So you will never miss important security fixes. - -Please note that you need a valid subscription key to access this -repository. We offer different support levels, and you can find further -details at https://www.proxmox.com/en/proxmox-ve/pricing. +The `root@pam` user is notified via email about available updates. Click the +'Changelog' button in the GUI to see more details about the selected update. -NOTE: You can disable this repository by commenting out the above line -using a `#` (at the start of the line). This prevents error messages -if you do not have a subscription key. Please configure the -`pve-no-subscription` repository in that case. +You need a valid subscription key to access the `pve-enterprise` repository. +Different support levels are available. Further details can be found at +https://www.proxmox.com/en/proxmox-ve/pricing. +NOTE: You can disable this repository by commenting out the above line using a +`#` (at the start of the line). This prevents error messages if you do not have +a subscription key. Please configure the `pve-no-subscription` repository in +that case. [[sysadmin_no_subscription_repo]] {pve} No-Subscription Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -As the name suggests, you do not need a subscription key to access -this repository. It can be used for testing and non-production -use. Its not recommended to run on production servers, as these -packages are not always heavily tested and validated. +This is the recommended repository for testing and non-production use. Its +packages are not as heavily tested and validated. You don't need a subscription key +to access the `pve-no-subscription` repository. We recommend to configure this repository in `/etc/apt/sources.list`. @@ -79,7 +73,7 @@ deb http://ftp.debian.org/debian buster-updates main contrib deb http://download.proxmox.com/debian/pve buster pve-no-subscription # security updates -deb http://security.debian.org buster/updates main contrib +deb http://security.debian.org/debian-security buster/updates main contrib ---- @@ -87,26 +81,25 @@ deb http://security.debian.org buster/updates main contrib {pve} Test Repository ~~~~~~~~~~~~~~~~~~~~~~ -Finally, there is a repository called `pvetest`. This one contains the -latest packages and is heavily used by developers to test new -features. As usual, you can configure this using -`/etc/apt/sources.list` by adding the following line: +This repository contains the latest packages and is primarily used by developers +to test new features. To configure it, add the following line to +`etc/apt/sources.list`: .sources.list entry for `pvetest` ---- deb http://download.proxmox.com/debian/pve buster pvetest ---- -WARNING: the `pvetest` repository should (as the name implies) only be used -for testing new features or bug fixes. +WARNING: The `pvetest` repository should (as the name implies) only be used for +testing new features or bug fixes. [[sysadmin_package_repositories_ceph]] {pve} Ceph Repository ~~~~~~~~~~~~~~~~~~~~~ -This is {pve}'s main Ceph repository and holds the Ceph packages for -production use. You can also use this repository to update only the Ceph -client. +This repository holds the main {pve} Ceph packages. They are suitable for +production. Use this repository if you run the Ceph client or a full Ceph +cluster on {pve}. .File `/etc/apt/sources.list.d/ceph.list` ---- @@ -117,8 +110,8 @@ deb http://download.proxmox.com/debian/ceph-nautilus buster main {pve} Ceph Testing Repository ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This Ceph repository contains the Ceph packages before they are moved into the -main repository and is used to test new Ceph release on {pve}. +This Ceph repository contains the Ceph packages before they are moved to the +main repository. It is used to test new Ceph releases on {pve}. .File `/etc/apt/sources.list.d/ceph.list` ---- @@ -128,9 +121,12 @@ deb http://download.proxmox.com/debian/ceph-nautilus buster test {pve} Ceph Luminous Repository For Upgrade ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This is a build of tje Ceph Luminous release for {pve} 6.0, this can be used to -upgrade a {pve} cluster with Ceph Luminous deployed first to our 6.0 release, -based on Debian Buster, and only afterwards upgrade the Ceph on it's own. +If Ceph is deployed this repository is needed for the upgrade from {pve} 5.x to +{pve} 6.0. It provides packages for the older Ceph Luminous release for {pve} +6.0. + +The https://pve.proxmox.com/wiki/Upgrade_from_5.x_to_6.0[Upgrade 5.x to 6.0] +document explains how to use this repository in detail. .File `/etc/apt/sources.list.d/ceph.list` ---- @@ -140,27 +136,39 @@ deb http://download.proxmox.com/debian/ceph-luminous buster main SecureApt ~~~~~~~~~ -We use GnuPG to sign the `Release` files inside those repositories, -and APT uses that signatures to verify that all packages are from a -trusted source. +The 'Release' files in the repositories are signed with GnuPG. APT is using +these signatures to verify that all packages are from a trusted source. + +If you install {pve} from an official ISO image, the key for verification is +already installed. -The key used for verification is already installed if you install from -our installation CD. If you install by other means, you can manually -download the key with: +If you install {pve} on top of Debian, download and install +the key with the following commands: +---- # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- -Please verify the checksum afterwards: +Verify the checksum afterwards with: ---- # sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- + +The output should be: + +---- acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg ---- -or +or: ---- # md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg +---- +The output should be: + +---- f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg ---- @@ -173,10 +181,9 @@ ifdef::wiki[] {pve} 5.x Repositories ~~~~~~~~~~~~~~~~~~~~~~ -{pve} 5.x is based on Debian 9.x (``stretch''). Please note that this release -is out of date, and you should update your installation. -Nevertheless, we still provide access to those repositories at our download -servers. +{pve} 5.x is based on Debian 9.x (``stretch''). Please note that this release is +out of date. Existing installations should be updated. Nevertheless access to +these repositories is still provided. [width="100%",cols="