Prosody package repository

We now have a repository of Prosody packages to allow for automatic updates using a package manager.

If you are using Debian, Ubuntu, or another derived GNU/Linux distribution that uses APT (apt, aptitude, etc.) then you can do the following:

Debian 12+, Ubuntu 22.04+

We publish a range of ‘prosody.sources’ files which can be added to apt, to allow it to download packages from our repository.

Use the following command to download the necessary prosody.sources file for your distro and save it in /etc/apt/sources.list.d/:

sudo wget https://prosody.im/downloads/repos/$(lsb_release -sc)/prosody.sources -O/etc/apt/sources.list.d/prosody.sources
sudo apt update

You can then apt install any of the packages from our repository.

Available packages:

Release packages (prosody)
Always updated to the latest release, including major releases (which may include breaking changes). Be sure to read release notes before upgrading to new major versions.
Per-branch packages (e.g. prosody-13.0)
Automatically updated nightly with the latest changes and fixes from our code. Our stable release branches will only receive bug fixes and won’t include any breaking changes. You will receive updates quicker (before they are officially released). Upgrades to new major versions can be achieved by simply installing the next release branch package.

Note: The prosody package is always kept up to date with the latest stable version of Prosody, including major releases. If your system upgrades packages automatically or you might not review Prosody release notes before upgrading, you may wish to disable automatic updates using e.g. apt-mark hold prosody, or install a branch-specific nightly build package instead (e.g. prosody-13.0) which only receives minor updates until you manually install the packages of the next major branch.

Other Debian based (e.g. Ubuntu)

The set of supported Debian and Ubuntu versions follow what Debian and Ubuntu support. You can find out which by running distro-info --supported.

If you are unsure which version your server is running, run the following command in a terminal:

lsb_release -sc

For other Debian or Ubuntu based distributions try to find out which version of Ubuntu or Debian it was based on and use that, otherwise you might need to experiment some.

Architectures

We currently build packages for these architectures:

amd64
Most modern machines.
i386
Older 32-bit machines. 1
arm64
Newer 64-bit Raspberry Pi and similar.
armhf
32-bit Raspberry Pi and similar.

You can check if this matches your machine by running dpkg --print-architecture.

August 2025 package signing key update

On Monday 4th August 2025, we will switch our package signatures to a new key. Existing systems which use our package repository must take action before this date to allow updates to continue smoothly.

If your system does not have our new public key added, after this date you may be unable to update/install our packages, and you will see errors from apt, similar to the following:

Err:1 http://packages.prosody.im/debian bookworm InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://packages.prosody.im/debian bookworm InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7
W: Failed to fetch http://packages.prosody.im/debian/dists/bookworm/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F7A37EB33D0B25D7

Update prosody.sources

You can use this solution if you are installing Prosody on:

  • Debian 12 (bookworm) or later
  • Ubuntu 22.04 (jammy) or later

First, remove any existing prosody sources entries (deb ... lines) from your /etc/apt/sources.list file and from the directory /etc/apt/sources.list.d/.

Also remove any prosody-related keys from /etc/apt/trusted.gpg.d/.

Finally, download our updated prosody.sources file:

sudo wget https://prosody.im/downloads/repos/$(lsb_release -sc)/prosody.sources -O/etc/apt/sources.list.d/prosody.sources

Ensure everything is working when you run:

sudo apt update

Congratulations! You’re ready for the signing key switch!

Debian 13 and Ubuntu 24.04 signing key is not bound

Before the key update on Monday 4th August 2025, you may encounter errors with the Prosody repository on Debian 13 (trixie) or Ubuntu 24.04 (noble).

 Err:7 http://packages.prosody.im/debian trixie InRelease
   Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 107D65A0A148C237FDF00AB47393D7E674D9DBB5 is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
 Warning: OpenPGP signature verification failed: http://packages.prosody.im/debian trixie InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 107D65A0A148C237FDF00AB47393D7E674D9DBB5 is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
 Error: The repository 'http://packages.prosody.im/debian trixie InRelease' is not signed.
 Notice: Updating from such a repository can't be done securely, and is therefore disabled by default.

We will be updating package signatures to resolve this issue. For some user-reported workarounds, view the discussion on issue #1936.

  1. The latest Ubuntu releases no longer support i386 and we are unable to build packages for this target anymore.↩︎