apitoken: use CAUTION for token-only-once-visible note

[pve-docs.git] / pve-package-repos.adoc

[[sysadmin_package_repositories]]
Package Repositories
--------------------
ifdef::wiki[]
:pve-toplevel:
endif::wiki[]

{pve} uses http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as its
package management tool like any other Debian-based system. Repositories are
defined in the file `/etc/apt/sources.list` and in `.list` files placed in
`/etc/apt/sources.list.d/`.

Each line defines a package repository. The preferred source must come first.
Empty lines are ignored. A `#` character anywhere on a line marks the remainder
of that line as a comment. The available packages from a repository are acquired
by running `apt-get update`. Updates can be installed directly using `apt-get`,
or via the GUI.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian buster main contrib
deb http://ftp.debian.org/debian buster-updates main contrib

# security updates
deb http://security.debian.org/debian-security buster/updates main contrib
----
// FIXME for 7.0: change security update suite to bullseye-security

{pve} additionally provides three different package repositories.

[[sysadmin_enterprise_repo]]
{pve} Enterprise Repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the default, stable, and recommended repository, available for all {pve}
subscription users. It contains the most stable packages and is suitable for
production use. The `pve-enterprise` repository is enabled by default:

.File `/etc/apt/sources.list.d/pve-enterprise.list`
----
deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise
----

The `root@pam` user is notified via email about available updates. Click the
'Changelog' button in the GUI to see more details about the selected update.

You need a valid subscription key to access the `pve-enterprise` repository.
Different support levels are available. Further details can be found at
https://www.proxmox.com/en/proxmox-ve/pricing.

NOTE: You can disable this repository by commenting out the above line using a
`#` (at the start of the line). This prevents error messages if you do not have
a subscription key. Please configure the `pve-no-subscription` repository in
that case.

[[sysadmin_no_subscription_repo]]
{pve} No-Subscription Repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the recommended repository for testing and non-production use. Its
packages are not as heavily tested and validated. You don't need a subscription key
to access the `pve-no-subscription` repository.

We recommend to configure this repository in `/etc/apt/sources.list`.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian buster main contrib
deb http://ftp.debian.org/debian buster-updates main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve buster pve-no-subscription

# security updates
deb http://security.debian.org/debian-security buster/updates main contrib
----


[[sysadmin_test_repo]]
{pve} Test Repository
~~~~~~~~~~~~~~~~~~~~~~

This repository contains the latest packages and is primarily used by developers
to test new features. To configure it, add the following line to
`etc/apt/sources.list`:

.sources.list entry for `pvetest`
----
deb http://download.proxmox.com/debian/pve buster pvetest
----

WARNING: The `pvetest` repository should (as the name implies) only be used for
testing new features or bug fixes.

[[sysadmin_package_repositories_ceph]]
{pve} Ceph Repository
~~~~~~~~~~~~~~~~~~~~~

This repository holds the main {pve} Ceph packages. They are suitable for
production. Use this repository if you run the Ceph client or a full Ceph
cluster on {pve}.

.File `/etc/apt/sources.list.d/ceph.list`
----
deb http://download.proxmox.com/debian/ceph-nautilus buster main
----


{pve} Ceph Testing Repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This Ceph repository contains the Ceph packages before they are moved to the
main repository. It is used to test new Ceph releases on {pve}.

.File `/etc/apt/sources.list.d/ceph.list`
----
deb http://download.proxmox.com/debian/ceph-nautilus buster test
----

{pve} Ceph Luminous Repository For Upgrade
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If Ceph is deployed this repository is needed for the upgrade from {pve} 5.x to
{pve} 6.0. It provides packages for the older Ceph Luminous release for {pve}
6.0.

The https://pve.proxmox.com/wiki/Upgrade_from_5.x_to_6.0[Upgrade 5.x to 6.0]
document explains how to use this repository in detail.

.File `/etc/apt/sources.list.d/ceph.list`
----
deb http://download.proxmox.com/debian/ceph-luminous buster main
----

SecureApt
~~~~~~~~~

The 'Release' files in the repositories are signed with GnuPG. APT is using
these signatures to verify that all packages are from a trusted source.

If you install {pve} from an official ISO image, the key for verification is
already installed.

If you install {pve} on top of Debian, download and install
the key with the following commands:

----
 # wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
----

Verify the checksum afterwards with:

----
# sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
----

The output should be:

----
acca6f416917e8e11490a08a1e2842d500b3a5d9f322c6319db0927b2901c3eae23cfb5cd5df6facf2b57399d3cfa52ad7769ebdd75d9b204549ca147da52626 /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
----

or:

----
# md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
----
The output should be:

----
f3f6c5a3a67baf38ad178e5ff1ee270c /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
----


ifdef::wiki[]

// include note about older releases, but only for wiki


{pve} 5.x Repositories
~~~~~~~~~~~~~~~~~~~~~~

{pve} 5.x is based on Debian 9.x (``stretch''). Please note that this release is
out of date. Existing installations should be updated. Nevertheless access to
these repositories is still provided.

[width="100%",cols="<d,3m",options="header"]
|===========================================================
|Repository                 | sources.list entry
|{pve} 5.x Enterprise       |
deb https://enterprise.proxmox.com/debian stretch pve-enterprise
|{pve} 5.x No-Subscription  |
deb http://download.proxmox.com/debian stretch pve-no-subscription
|{pve} 5.x Test             |
deb http://download.proxmox.com/debian stretch pvetest
|===========================================================


{pve} 4.x Repositories
~~~~~~~~~~~~~~~~~~~~~~

{pve} 4.x is based on Debian 8.x (``jessie''). Please note that this release is
out of date. Existing installations should be updated. Nevertheless access to
these repositories is still provided.

[width="100%",cols="<d,3m",options="header"]
|===========================================================
|Repository                 | sources.list entry
|{pve} 4.x Enterprise       |
deb https://enterprise.proxmox.com/debian jessie pve-enterprise
|{pve} 4.x No-Subscription  |
deb http://download.proxmox.com/debian jessie pve-no-subscription
|{pve} 4.x Test             |
deb http://download.proxmox.com/debian jessie pvetest
|===========================================================


{pve} 3.x Repositories
~~~~~~~~~~~~~~~~~~~~~~

{pve} 3.x is based on Debian 7.x (``wheezy''). Please note that this release is
out of date. Existing installations should be updated. Nevertheless access to
these repositories is still provided.

[width="100%",cols="<d,3m",options="header"]
|===========================================================
|Repository                 | sources.list entry
|{pve} 3.x Enterprise       |
deb https://enterprise.proxmox.com/debian wheezy pve-enterprise
|{pve} 3.x No-Subscription  |
deb http://download.proxmox.com/debian wheezy pve-no-subscription
|{pve} 3.x Test             |
deb http://download.proxmox.com/debian wheezy pvetest
|===========================================================


Outdated: `stable` Repository `pve`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This repository is a leftover to ease the update to 3.1. It will not get any
updates after the release of 3.1. Therefore the repository needs to be removed
after the upgrade to 3.1.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian wheezy main contrib

# PVE packages provided by proxmox.com - NO UPDATES after the initial release of 3.1
# deb http://download.proxmox.com/debian wheezy pve

# security updates
deb http://security.debian.org/ wheezy/updates main contrib
----


Outdated: {pve} 2.x Repositories
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

{pve} 2.x is based on Debian 6.0 (``squeeze'') and outdated. Please upgrade to
the latest version as soon as possible. In order to use the stable `pve` 2.x
repository, check your sources.list:

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian squeeze main contrib

# PVE packages provided by proxmox.com
deb http://download.proxmox.com/debian squeeze pve

# security updates
deb http://security.debian.org/ squeeze/updates main contrib
----


Outdated: {pve} VE 1.x Repositories
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

{pve} 1.x is based on Debian 5.0 (``lenny'') and very outdated. Please upgrade
to latest version as soon as possible.


endif::wiki[]
ifdef::manvolnum[]
include::pve-copyright.adoc[]
endif::manvolnum[]