大部分 Debian 的软件源配置文件使用传统的 One-Line-Style,路径为 /etc/apt/sources.list;但是对于容器镜像,从 Debian 12 开始,其软件源配置文件变更为 DEB822 格式,路径为 /etc/apt/sources.list.d/debian.sources。一般情况下,将对应文件中 Debian 默认的源地址 http://deb.debian.org/ 替换为镜像地址即可。
Debian Buster 以上版本默认支持 HTTPS 源。如果遇到无法拉取 HTTPS 源的情况,请先使用 HTTP 源并安装:
{{sudo}}apt install apt-transport-https ca-certificates
传统格式(/etc/apt/sources.list) Debian 版本Debian 12 (bookworm)Debian 11 (bullseye)testingsid启用源码源使用非自由软件源强制安全更新使用镜像# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
{{#sid}}
deb {{endpoint}}/ sid main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src {{endpoint}}/ sid main contrib{{#nf}}{{nonfree}}{{/nf}}
{{/sid}}
{{^sid}}
deb {{endpoint}}/ {{release}} main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src {{endpoint}}/ {{release}} main contrib{{#nf}}{{nonfree}}{{/nf}}
deb {{endpoint}}/ {{release}}-updates main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src {{endpoint}}/ {{release}}-updates main contrib{{#nf}}{{nonfree}}{{/nf}}
deb {{endpoint}}/ {{release}}-backports main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src {{endpoint}}/ {{release}}-backports main contrib{{#nf}}{{nonfree}}{{/nf}}
# 以下安全更新软件源包含了官方源与镜像站配置,如有需要可自行修改注释切换
{{#mirror_security}}
deb {{endpoint}}-security {{release}}{{security}} main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src {{endpoint}}-security {{release}}{{security}} main contrib{{#nf}}{{nonfree}}{{/nf}}
{{/mirror_security}}
{{^mirror_security}}
deb https://security.debian.org/debian-security {{release}}{{security}} main contrib{{#nf}}{{nonfree}}{{/nf}}
{{src}}deb-src https://security.debian.org/debian-security {{release}}{{security}} main contrib{{#nf}}{{nonfree}}{{/nf}}
{{/mirror_security}}
{{/sid}}
DEB822 格式(/etc/apt/sources.list.d/debian.sources) Debian 版本Debian 12 (bookworm)testingsid启用源码源使用非自由软件源强制安全更新使用镜像{{#sid}}
Types: deb
URIs: {{endpoint}}
Suites: sid
Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
{{src}}Types: deb-src
{{src}}URIs: {{endpoint}}
{{src}}Suites: sid
{{src}}Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
{{src}}Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
{{/sid}}
{{^sid}}
Types: deb
URIs: {{endpoint}}
Suites: {{release_deb822}} {{release_deb822}}-updates {{release_deb822}}-backports
Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
{{src}}Types: deb-src
{{src}}URIs: {{endpoint}}
{{src}}Suites: {{release_deb822}} {{release_deb822}}-updates {{release_deb822}}-backports
{{src}}Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
{{src}}Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# 以下安全更新软件源包含了官方源与镜像站配置,如有需要可自行修改注释切换
{{#mirror_security}}
Types: deb
URIs: {{endpoint}}-security
Suites: {{release_deb822}}-security
Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
{{src}}Types: deb-src
{{src}}URIs: {{endpoint}}-security
{{src}}Suites: {{release_deb822}}-security
{{src}}Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
{{src}}Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
{{/mirror_security}}
{{^mirror_security}}
Types: deb
URIs: https://security.debian.org/debian-security
Suites: {{release_deb822}}-security
Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
{{src}}Types: deb-src
{{src}}URIs: https://security.debian.org/debian-security
{{src}}Suites: {{release_deb822}}-security
{{src}}Components: main contrib{{#nf}} non-free non-free-firmware{{/nf}}
{{src}}Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
{{/mirror_security}}
{{/sid}}
为了方便快速配置,此处一并附上了 debian-security 的配置,一般来说,镜像站会同时提供 debian-security,为了更准确的信息您可以前往 Debian Security 帮助 确认。
不过,一般来说,为了更及时地获得安全更新,不推荐使用镜像站安全更新软件源,因为镜像站往往有同步延迟。参考 https://www.debian.org/security/faq.en.html#mirror
The purpose of security.debian.org is to make security updates available as quickly and easily as possible.
Encouraging the use of unofficial mirrors would add extra complexity that is usually not needed and that can cause frustration if these mirrors are not kept up to date.
OpenMediaVault 本节供 OpenMediaVault 帮助使用。
omv-env set OMV_APT_KERNEL_BACKPORTS_REPOSITORY_URL "{{endpoint}}"
omv-env set OMV_APT_SECURITY_REPOSITORY_URL "{{endpoint}}-security"
关于 debian-security 可以参考上文的说明。
Connection reset by peer 在 apt 2.1.9 及以后的版本中,apt 的 HTTP Pipelining 特性与 Nginx 服务器疑似存在一定的不兼容问题,可能导致高带宽从镜像站下载大量软件包 (例如系统升级)时出现偶发的 Connection reset by peer 错误 (详见 Debian bug #973581)。
目前,用户可以通过关闭 HTTP Pipelining 特性解决此问题。 如果需要关闭,可以在使用 apt 命令时加上 -o Acquire::http::Pipeline-Depth=0 参数, 或使用以下命令将相关设置加入 apt 系统配置中:
echo "Acquire::http::Pipeline-Depth \"0\";" > /etc/apt/apt.conf.d/99nopipelining