--- title: Prosody package repository --- We now have a repository of Prosody packages to allow for automatic updates using a package manager. If you are using Debian, Ubuntu, or another derived GNU/Linux distribution that uses APT (apt, aptitude, etc.) then you can do the following: ## Debian 12+, Ubuntu 22.04+ {#debian} We publish a range of 'prosody.sources' files which can be added to apt, to allow it to download packages from our repository. Use the following command to download the necessary prosody.sources file for your distro and save it in `/etc/apt/sources.list.d/`: ``` bash sudo wget https://prosody.im/downloads/repos/$(lsb_release -sc)/prosody.sources -O/etc/apt/sources.list.d/prosody.sources sudo apt update ``` You can then `apt install` any of the packages from our repository. Available packages: **Release packages** (`prosody`) : Always updated to the latest release, including major releases (which may include breaking changes). Be sure to read release notes before upgrading to new major versions. **Per-branch packages** (e.g. `prosody-13.0`) : Automatically updated nightly with the latest changes and fixes from our code. Our stable release branches will only receive bug fixes and won't include any breaking changes. You will receive updates quicker (before they are officially released). Upgrades to new major versions can be achieved by simply installing the next release branch package. **Note:** The `prosody` package is always kept up to date with the latest stable version of Prosody, including major releases. If your system upgrades packages automatically or you might not review Prosody release notes before upgrading, you may wish to disable automatic updates using e.g. `apt-mark hold prosody`, or install a branch-specific nightly build package instead (e.g. `prosody-13.0`) which only receives minor updates until you manually install the packages of the next major branch. ## Other Debian based (e.g. Ubuntu) {#other} The set of supported Debian and Ubuntu versions follow what Debian and Ubuntu support. You can find out which by running `distro-info --supported`{.bash}. If you are unsure which version your server is running, run the following command in a terminal: ``` bash lsb_release -sc ``` For other Debian or Ubuntu based distributions try to find out which version of Ubuntu or Debian it was based on and use that, otherwise you might need to experiment some. ## Architectures We currently build packages for these architectures: `amd64` : Most modern machines. `i386` : Older 32-bit machines. [^1] `arm64` : Newer 64-bit Raspberry Pi and similar. `armhf` : 32-bit Raspberry Pi and similar. You can check if this matches your machine by running `dpkg --print-architecture`{.bash}. ## August 2025 package signing key update {#aug2025-key-update} On **Monday 4th August 2025**, we will switch our package signatures to a new key. Existing systems which use our package repository **must take action** before this date to allow updates to continue smoothly. If your system does not have our new public key added, after this date you may be unable to update/install our packages, and you will see errors from apt, similar to the following: ``` Err:1 http://packages.prosody.im/debian bookworm InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7 W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://packages.prosody.im/debian bookworm InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7 W: Failed to fetch http://packages.prosody.im/debian/dists/bookworm/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7 ``` ### Update prosody.sources You can use this solution if you are installing Prosody on: - **Debian 12 (bookworm) or later** - **Ubuntu 22.04 (jammy) or later** First, remove any existing prosody sources entries (`deb ...` lines) from your `/etc/apt/sources.list` file and from the directory `/etc/apt/sources.list.d/`. Also remove any prosody-related keys from `/etc/apt/trusted.gpg.d/`. Finally, download our updated prosody.sources file: ``` sudo wget https://prosody.im/downloads/repos/$(lsb_release -sc)/prosody.sources -O/etc/apt/sources.list.d/prosody.sources ``` Ensure everything is working when you run: ``` sudo apt update ``` Congratulations! You're ready for the signing key switch! ### Debian 13 and Ubuntu 24.04 signing key is not bound Before the key update on **Monday 4th August 2025**, you may encounter errors with the Prosody repository on Debian 13 (trixie) or Ubuntu 24.04 (noble). ``` Err:7 http://packages.prosody.im/debian trixie InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 107D65A0A148C237FDF00AB47393D7E674D9DBB5 is not bound: Policy rejected asymmetric algorithm because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z Warning: OpenPGP signature verification failed: http://packages.prosody.im/debian trixie InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 107D65A0A148C237FDF00AB47393D7E674D9DBB5 is not bound: Policy rejected asymmetric algorithm because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z Error: The repository 'http://packages.prosody.im/debian trixie InRelease' is not signed. Notice: Updating from such a repository can't be done securely, and is therefore disabled by default. ``` We will be updating package signatures to resolve this issue. For some user-reported workarounds, view the discussion on [issue #1936](https://issues.prosody.im/1936). [^1]: The latest Ubuntu releases no longer support `i386` and we are unable to build packages for this target anymore.