Proxmox VE uses APT as its package management tool like any other Debian-based system.
Repositories are a collection of software packages, they can be used to install new software, but are also important to get new updates.
You need valid Debian and Proxmox repositories to get the latest security updates, bug fixes and new features.
APT Repositories are defined in the file /etc/apt/sources.list
and in .list
files placed in /etc/apt/sources.list.d/
.
Since Proxmox VE 7.0 you can check the repository state in the web interface. The node summary panel shows a high level status overview, while the separate Repository panel shows in-depth status and list of all configured repositories.
Basic repository management, for example, activating or deactivating a repository, is also supported.
In a sources.list
file, each line defines a package repository. The preferred
source must come first. Empty lines are ignored. A #
character anywhere on a
line marks the remainder of that line as a comment. The available packages from
a repository are acquired by running apt-get update
. Updates can be installed
directly using apt-get
, or via the GUI (Node → Updates).
File /etc/apt/sources.list
.
deb http://ftp.debian.org/debian bullseye main contrib deb http://ftp.debian.org/debian bullseye-updates main contrib # security updates deb http://security.debian.org/debian-security bullseye-security main contrib
Proxmox VE provides three different package repositories.
This is the default, stable, and recommended repository, available for all Proxmox VE
subscription users. It contains the most stable packages and is suitable for
production use. The pve-enterprise
repository is enabled by default:
File /etc/apt/sources.list.d/pve-enterprise.list
.
deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise
The root@pam
user is notified via email about available updates. Click the
Changelog button in the GUI to see more details about the selected update.
You need a valid subscription key to access the pve-enterprise
repository.
Different support levels are available. Further details can be found at
https://www.proxmox.com/en/proxmox-ve/pricing.
You can disable this repository by commenting out the above line using a
#
(at the start of the line). This prevents error messages if you do not have
a subscription key. Please configure the pve-no-subscription
repository in
that case.
This is the recommended repository for testing and non-production use. Its
packages are not as heavily tested and validated. You don’t need a subscription key
to access the pve-no-subscription
repository.
We recommend to configure this repository in /etc/apt/sources.list
.
File /etc/apt/sources.list
.
deb http://ftp.debian.org/debian bullseye main contrib deb http://ftp.debian.org/debian bullseye-updates main contrib # PVE pve-no-subscription repository provided by proxmox.com, # NOT recommended for production use deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # security updates deb http://security.debian.org/debian-security bullseye-security main contrib
This repository contains the latest packages and is primarily used by developers
to test new features. To configure it, add the following line to
etc/apt/sources.list
:
sources.list entry for pvetest
.
deb http://download.proxmox.com/debian/pve bullseye pvetest
The pvetest
repository should (as the name implies) only be used for
testing new features or bug fixes.
Ceph Pacific (16.2) was declared stable with Proxmox VE 7.0.
This repository holds the main Proxmox VE Ceph Pacific packages. They are suitable for production. Use this repository if you run the Ceph client or a full Ceph cluster on Proxmox VE.
File /etc/apt/sources.list.d/ceph.list
.
deb http://download.proxmox.com/debian/ceph-pacific bullseye main
This Ceph repository contains the Ceph Pacific packages before they are moved to the main repository. It is used to test new Ceph releases on Proxmox VE.
File /etc/apt/sources.list.d/ceph.list
.
deb http://download.proxmox.com/debian/ceph-pacific bullseye test
Ceph Octopus (15.2) was declared stable with Proxmox VE 6.3 it will continue to get updates for the remaining life time of the 6.x release ??? and also for Proxmox VE 7.x until Ceph Octopus upstream EOL (~ 2022-07).
This repository holds the main Proxmox VE Ceph Octopus packages. They are suitable for production. Use this repository if you run the Ceph client or a full Ceph cluster on Proxmox VE.
File /etc/apt/sources.list.d/ceph.list
.
deb http://download.proxmox.com/debian/ceph-octopus bullseye main
Note that on an older Proxmox VE 6.x you need to change bullseye
to buster
in
the repository specification above.
This Ceph repository contains the Ceph packages before they are moved to the main repository. It is used to test new Ceph releases on Proxmox VE.
File /etc/apt/sources.list.d/ceph.list
.
deb http://download.proxmox.com/debian/ceph-octopus bullseye test
The Release files in the repositories are signed with GnuPG. APT is using these signatures to verify that all packages are from a trusted source.
If you install Proxmox VE from an official ISO image, the key for verification is already installed.
If you install Proxmox VE on top of Debian, download and install the key with the following commands:
# wget https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg
Verify the checksum afterwards with the sha512sum
CLI tool:
# sha512sum /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg 7fb03ec8a1675723d2853b84aa4fdb49a46a3bb72b9951361488bfd19b29aab0a789a4f8c7406e71a69aabbc727c936d3549731c4659ffa1a08f44db8fdcebfa /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg
or the md5sum
CLI tool:
# md5sum /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg bcc35c7173e0845c0d6ad6470b70f50e /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg