[pve-docs.git] / pve-package-repos.adoc

Package Repositories
--------------------
include::attributes.txt[]

ifdef::wiki[]
:pve-toplevel:
endif::wiki[]

All Debian based systems use
http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package
management tool. The list of repositories is defined in
`/etc/apt/sources.list` and `.list` files found inside
`/etc/apt/sources.d/`. Updates can be installed directly using
`apt-get`, or via the GUI.

Apt `sources.list` files list one package repository per line, with
the most preferred source listed first. Empty lines are ignored, and a
`#` character anywhere on a line marks the remainder of that line as a
comment. The information available from the configured sources is
acquired by `apt-get update`.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian jessie main contrib

# security updates
deb http://security.debian.org jessie/updates main contrib
----

In addition, {pve} provides three different package repositories.

{pve} Enterprise Repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the default, stable and recommended repository, available for
all {pve} subscription users. It contains the most stable packages,
and is suitable for production use. The `pve-enterprise` repository is
enabled by default:

.File `/etc/apt/sources.list.d/pve-enterprise.list`
----
deb https://enterprise.proxmox.com/debian jessie pve-enterprise
----

As soon as updates are available, the `root@pam` user is notified via
email about the available new packages. On the GUI, the change-log of
each package can be viewed (if available), showing all details of the
update. So you will never miss important security fixes.

Please note that and you need a valid subscription key to access this
repository. We offer different support levels, and you can find further
details at http://www.proxmox.com/en/proxmox-ve/pricing.

NOTE: You can disable this repository by commenting out the above line
using a `#` (at the start of the line). This prevents error messages
if you do not have a subscription key. Please configure the
`pve-no-subscription` repository in that case.


{pve} No-Subscription Repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As the name suggests, you do not need a subscription key to access
this repository. It can be used for testing and non-production
use. Its not recommended to run on production servers, as these
packages are not always heavily tested and validated.

We recommend to configure this repository in `/etc/apt/sources.list`.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian jessie main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian jessie pve-no-subscription

# security updates
deb http://security.debian.org jessie/updates main contrib
----


{pve} Test Repository
~~~~~~~~~~~~~~~~~~~~~~

Finally, there is a repository called `pvetest`. This one contains the
latest packages and is heavily used by developers to test new
features. As usual, you can configure this using
`/etc/apt/sources.list` by adding the following line:

.sources.list entry for `pvetest`
----
deb http://download.proxmox.com/debian jessie pvetest
----

WARNING: the `pvetest` repository should (as the name implies) only be used
for testing new features or bug fixes.


SecureApt
~~~~~~~~~

We use GnuPG to sign the `Release` files inside those repositories,
and APT uses that signatures to verify that all packages are from a
trusted source.

The key used for verification is already installed if you install from
our installation CD. If you install by other means, you can manually
download the key with:

 # wget http://download.proxmox.com/debian/key.asc

Please verify the fingerprint afterwards:

----
# gpg --with-fingerprint key.asc
pub  1024D/9887F95A 2008-10-28 Proxmox Release Key <proxmox-release@proxmox.com>
      Key fingerprint = BE25 7BAA 5D40 6D01 157D  323E C23A C7F4 9887 F95A
sub  2048g/A87A1B00 2008-10-28
----

If this shows the exact same fingerprint, you can add the key to the
list of trusted APT keys:

 # apt-key add key.asc


ifdef::wiki[]

// include note about older releases, but only for wiki

{pve} 3.x Repositories
~~~~~~~~~~~~~~~~~~~~~~

{pve} 3.x is based on Debian 7.x (``wheezy''). Please note that this
release is out of date, and you should update your
installation. Nevertheless, we still provide access to those
repositories at our download servers.

[width="100%",cols="<d,3m",options="header"]
|===========================================================
|Repository                 | sources.list entry
|{pve} 3.x Enterprise       |
deb https://enterprise.proxmox.com/debian wheezy pve-enterprise
|{pve} 3.x No-Subscription  |
deb http://download.proxmox.com/debian wheezy pve-no-subscription
|{pve} 3.x Test             |
deb http://download.proxmox.com/debian wheezy pvetest
|===========================================================

NOTE: Apt `sources.list` configuration files are basically the same as
in newer 4.x versions - just replace `jessie` with `wheezy`.

Outdated: `stable` Repository `pve`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This repository is a leftover to easy the update to 3.1. It will not
get any updates after the release of 3.1. Therefore you need to remove
this repository after you upgraded to 3.1.

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian wheezy main contrib

# PVE packages provided by proxmox.com - NO UPDATES after the initial release of 3.1
# deb http://download.proxmox.com/debian wheezy pve

# security updates
deb http://security.debian.org/ wheezy/updates main contrib
----


Outdated: {pve} 2.x Repositories
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

{pve} 2.x is based on Debian 6.0 (``squeeze'') and outdated. Please
upgrade to latest version as soon as possible. In order to use the
stable `pve` 2.x repository, check your sources.list:

.File `/etc/apt/sources.list`
----
deb http://ftp.debian.org/debian squeeze main contrib

# PVE packages provided by proxmox.com
deb http://download.proxmox.com/debian squeeze pve

# security updates
deb http://security.debian.org/ squeeze/updates main contrib
----


Outdated: {pve} VE 1.x Repositories
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

{pve} 1.x is based on Debian 5.0 (``lenny'') and very outdated. Please
upgrade to latest version as soon as possible.


endif::wiki[]
Commit	Line	Data
d91f8c1e DM	1	Package Repositories
d91f8c1e DM	2	--------------------
e71b5d0d	3	include::attributes.txt[]
d91f8c1e	4
5f09af76 DM	5	ifdef::wiki[]
	6	:pve-toplevel:
	7	endif::wiki[]
	8
d91f8c1e DM	9	All Debian based systems use
	10	http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package
	11	management tool. The list of repositories is defined in
8c1189b6 FG	12	`/etc/apt/sources.list` and `.list` files found inside
	13	`/etc/apt/sources.d/`. Updates can be installed directly using
	14	`apt-get`, or via the GUI.
d91f8c1e	15
8c1189b6	16	Apt `sources.list` files list one package repository per line, with
d91f8c1e	17	the most preferred source listed first. Empty lines are ignored, and a
8c1189b6	18	`#` character anywhere on a line marks the remainder of that line as a
d91f8c1e	19	comment. The information available from the configured sources is
8c1189b6	20	acquired by `apt-get update`.
d91f8c1e	21
8c1189b6	22	.File `/etc/apt/sources.list`
d91f8c1e DM	23	----
	24	deb http://ftp.debian.org/debian jessie main contrib
	25
	26	# security updates
	27	deb http://security.debian.org jessie/updates main contrib
	28	----
	29
	30	In addition, {pve} provides three different package repositories.
	31
	32	{pve} Enterprise Repository
	33	~~~~~~~~~~~~~~~~~~~~~~~~~~~
	34
	35	This is the default, stable and recommended repository, available for
	36	all {pve} subscription users. It contains the most stable packages,
f1a72f87 DM	37	and is suitable for production use. The `pve-enterprise` repository is
f1a72f87 DM	38	enabled by default:
d91f8c1e	39
8c1189b6	40	.File `/etc/apt/sources.list.d/pve-enterprise.list`
d91f8c1e DM	41	----
	42	deb https://enterprise.proxmox.com/debian jessie pve-enterprise
	43	----
	44
f1a72f87 DM	45	As soon as updates are available, the `root@pam` user is notified via
	46	email about the available new packages. On the GUI, the change-log of
	47	each package can be viewed (if available), showing all details of the
	48	update. So you will never miss important security fixes.
	49
	50	Please note that and you need a valid subscription key to access this
	51	repository. We offer different support levels, and you can find further
	52	details at http://www.proxmox.com/en/proxmox-ve/pricing.
	53
d91f8c1e	54	NOTE: You can disable this repository by commenting out the above line
8c1189b6	55	using a `#` (at the start of the line). This prevents error messages
d91f8c1e DM	56	if you do not have a subscription key. Please configure the
	57	`pve-no-subscription` repository in that case.
	58
d91f8c1e DM	59
	60	{pve} No-Subscription Repository
	61	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	62
	63	As the name suggests, you do not need a subscription key to access
	64	this repository. It can be used for testing and non-production
	65	use. Its not recommended to run on production servers, as these
	66	packages are not always heavily tested and validated.
	67
8c1189b6	68	We recommend to configure this repository in `/etc/apt/sources.list`.
d91f8c1e	69
8c1189b6	70	.File `/etc/apt/sources.list`
d91f8c1e DM	71	----
	72	deb http://ftp.debian.org/debian jessie main contrib
	73
	74	# PVE pve-no-subscription repository provided by proxmox.com,
	75	# NOT recommended for production use
	76	deb http://download.proxmox.com/debian jessie pve-no-subscription
	77
	78	# security updates
	79	deb http://security.debian.org jessie/updates main contrib
	80	----
	81
9dfb9a99	82
d91f8c1e DM	83	{pve} Test Repository
	84	~~~~~~~~~~~~~~~~~~~~~~
	85
	86	Finally, there is a repository called `pvetest`. This one contains the
	87	latest packages and is heavily used by developers to test new
	88	features. As usual, you can configure this using
8c1189b6	89	`/etc/apt/sources.list` by adding the following line:
d91f8c1e DM	90
	91	.sources.list entry for `pvetest`
	92	----
	93	deb http://download.proxmox.com/debian jessie pvetest
	94	----
	95
b4a65355 FG	96	WARNING: the `pvetest` repository should (as the name implies) only be used
	97	for testing new features or bug fixes.
	98
f1a72f87	99
25663707 DM	100	SecureApt
	101	~~~~~~~~~
	102
8c1189b6	103	We use GnuPG to sign the `Release` files inside those repositories,
25663707 DM	104	and APT uses that signatures to verify that all packages are from a
	105	trusted source.
	106
	107	The key used for verification is already installed if you install from
	108	our installation CD. If you install by other means, you can manually
	109	download the key with:
	110
	111	# wget http://download.proxmox.com/debian/key.asc
	112
	113	Please verify the fingerprint afterwards:
	114
	115	----
	116	# gpg --with-fingerprint key.asc
	117	pub 1024D/9887F95A 2008-10-28 Proxmox Release Key <proxmox-release@proxmox.com>
	118	Key fingerprint = BE25 7BAA 5D40 6D01 157D 323E C23A C7F4 9887 F95A
	119	sub 2048g/A87A1B00 2008-10-28
	120	----
	121
	122	If this shows the exact same fingerprint, you can add the key to the
	123	list of trusted APT keys:
	124
	125	# apt-key add key.asc
	126
	127
f1a72f87 DM	128	ifdef::wiki[]
	129
	130	// include note about older releases, but only for wiki
	131
9dfb9a99 DM	132	{pve} 3.x Repositories
9dfb9a99 DM	133	~~~~~~~~~~~~~~~~~~~~~~
f1a72f87	134
8c1189b6	135	{pve} 3.x is based on Debian 7.x (``wheezy''). Please note that this
f1a72f87 DM	136	release is out of date, and you should update your
	137	installation. Nevertheless, we still provide access to those
	138	repositories at our download servers.
	139
	140	[width="100%",cols="<d,3m",options="header"]
	141	\|===========================================================
	142	\|Repository \| sources.list entry
	143	\|{pve} 3.x Enterprise \|
	144	deb https://enterprise.proxmox.com/debian wheezy pve-enterprise
	145	\|{pve} 3.x No-Subscription \|
	146	deb http://download.proxmox.com/debian wheezy pve-no-subscription
	147	\|{pve} 3.x Test \|
	148	deb http://download.proxmox.com/debian wheezy pvetest
	149	\|===========================================================
	150
8c1189b6 FG	151	NOTE: Apt `sources.list` configuration files are basically the same as
8c1189b6 FG	152	in newer 4.x versions - just replace `jessie` with `wheezy`.
f1a72f87	153
8c1189b6	154	Outdated: `stable` Repository `pve`
9dfb9a99 DM	155	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	156
	157	This repository is a leftover to easy the update to 3.1. It will not
	158	get any updates after the release of 3.1. Therefore you need to remove
	159	this repository after you upgraded to 3.1.
	160
8c1189b6	161	.File `/etc/apt/sources.list`
9dfb9a99 DM	162	----
	163	deb http://ftp.debian.org/debian wheezy main contrib
	164
	165	# PVE packages provided by proxmox.com - NO UPDATES after the initial release of 3.1
	166	# deb http://download.proxmox.com/debian wheezy pve
	167
	168	# security updates
	169	deb http://security.debian.org/ wheezy/updates main contrib
	170	----
	171
	172
	173	Outdated: {pve} 2.x Repositories
	174	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	175
8c1189b6	176	{pve} 2.x is based on Debian 6.0 (``squeeze'') and outdated. Please
9dfb9a99	177	upgrade to latest version as soon as possible. In order to use the
8c1189b6	178	stable `pve` 2.x repository, check your sources.list:
9dfb9a99	179
8c1189b6	180	.File `/etc/apt/sources.list`
9dfb9a99 DM	181	----
	182	deb http://ftp.debian.org/debian squeeze main contrib
	183
	184	# PVE packages provided by proxmox.com
	185	deb http://download.proxmox.com/debian squeeze pve
	186
	187	# security updates
	188	deb http://security.debian.org/ squeeze/updates main contrib
	189	----
	190
	191
	192	Outdated: {pve} VE 1.x Repositories
	193	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	194
8c1189b6	195	{pve} 1.x is based on Debian 5.0 (``lenny'') and very outdated. Please
9dfb9a99 DM	196	upgrade to latest version as soon as possible.
	197
	198
f1a72f87	199	endif::wiki[]