Simplify APT retry logic and add insecure fallback

Replace the previous multi-step APT retry sequence (mirror swaps, sleeps, multiple retries) with a simpler fallback: on apt-get update failure disable Acquire::By-Hash, enable Acquire::AllowInsecureRepositories and attempt updates/installs using --allow-insecure-repositories/--allow-unauthenticated where needed. Restore secure settings and refresh lists afterwards, and preserve/propagate the original command exit status. Apply the same simplification in misc/build.func, misc/install.func and the Proxmox LXC cron updater (tools/pve/update-lxcs-cron.sh) to handle Debian repo desyncs more reliably and reduce complex retry logic.
This commit is contained in:
CanbiZ (MickLesk)
2026-03-26 14:02:09 +01:00
parent 681c438e60
commit 6d213d511f
3 changed files with 18 additions and 99 deletions

View File

@@ -36,40 +36,15 @@ function update_container() {
archlinux) pct exec "$container" -- bash -c "pacman -Syyu --noconfirm" ;;
fedora | rocky | centos | alma) pct exec "$container" -- bash -c "dnf -y update && dnf -y upgrade" ;;
ubuntu | debian | devuan) pct exec "$container" -- bash -c '
apt_update_ok=false
apt-get update && apt_update_ok=true
if [ "$apt_update_ok" = false ]; then
apt-get update || {
echo "Acquire::By-Hash \"no\";" >/etc/apt/apt.conf.d/99no-by-hash
rm -rf /var/lib/apt/lists/*
apt-get update && apt_update_ok=true
fi
if [ "$apt_update_ok" = false ]; then
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[ -f "$src" ] && sed -i "s|deb.debian.org|ftp.de.debian.org|g" "$src"
done
rm -rf /var/lib/apt/lists/*
apt-get update && apt_update_ok=true
fi
if [ "$apt_update_ok" = false ]; then
sleep 30
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[ -f "$src" ] && sed -i "s|ftp.de.debian.org|deb.debian.org|g" "$src"
done
rm -rf /var/lib/apt/lists/*
apt-get update && apt_update_ok=true
fi
if [ "$apt_update_ok" = false ]; then
echo "Acquire::AllowInsecureRepositories \"true\";" >>/etc/apt/apt.conf.d/99no-by-hash
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[ -f "$src" ] && sed -i "s|deb.debian.org|ftp.debian.org|g" "$src"
done
rm -rf /var/lib/apt/lists/*
apt-get update --allow-insecure-repositories
echo "Acquire::By-Hash \"no\";" >/etc/apt/apt.conf.d/99no-by-hash
for src in /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list; do
[ -f "$src" ] && sed -i "s|ftp.debian.org|deb.debian.org|g" "$src"
done
fi
rm -rf /var/lib/apt/lists/*
apt-get update || true
}
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confold" dist-upgrade -y
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED' ;;
opensuse) pct exec "$container" -- bash -c "zypper ref && zypper --non-interactive dup" ;;