Why is dietpi trying to connect to Russia mirror.truenetwork.ru during apt update?
Only used dietpi-config to install anything.
Good thing I have .ru blocked on pihole
nothing in the apt list files?
/etc/apt/sources.list.d# grep -R "^deb " /etc/apt/
/etc/apt/sources.list.d/dietpi.list:deb <https://dietpi.com/apt> bookworm main-armv6
/etc/apt/sources.list.d/dietpi.list:deb <https://dietpi.com/apt> all rpi
/etc/apt/sources.list.d/raspi.list:deb <https://archive.raspberrypi.com/debian> bookworm main
/etc/apt/sources.list:deb <http://raspbian.raspberrypi.com/raspbian> bookworm main contrib non-free
echo "$G_DIETPI_VERSION_CORE.$G_DIETPI_VERSION_SUB.$G_DIETPI_VERSION_RC"
"10.3.3"
Distro: Raspbian GNU/Linux 12 (bookworm)
Kernel: 6.18.23+ (#1972 Tue Apr 21 14:47:32 BST 2026)
Arch: armv6l
Version=252.39-1\~deb12u1+rpi1
I have used apt update with dietpi 12 bookworm fine, until today.
E: Failed to fetch http://mirror.truenetwork.ru/raspbian/raspbian/pool/main/n/nghttp2/libnghttp2-14_1.52.0-1+deb12u3_armhf.deb Could not connect to mirror.truenetwork.ru:80 (0.0.0.0). - connect (111: Connection refused) Could not connect to mirror.truenetwork.ru:80 (::). - connect (111: Connection refused)
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
@MichaIng @Joulinar
The http://raspbian.raspberrypi.com/raspbian APT repo is a mirror director, so it connects to any next repository mirror it finds suitable based on your location or IP. If your are located in or close to Russia, the location of the mirror.truenetwork.ru mirror might be best, regarding latency and bandwidth.
This is not managed by us, but by Raspbian and/or Raspberry Pi Ltd.
Also note that, even if you do not trust *.ru domains in general, APT repositories cannot be compromised without the private signing key, for which you have the public component stored in /etc/apt/trusted.gpg.d/. APT pulls https://mirror.truenetwork.ru/raspbian/raspbian/dists/bookworm/InRelease in a first step, and verifies the authenticity of this file by its embedded signature and the key on your system. Only if that matches, it pulls the package lists, based on your architecture and selected components, and compares the hashes with those in the InRelease. The package lists again contain hashes for the individual packages, which need to match as well before packages are installed. This chain guarantees integrity and authenticity of packages, as long as the public key on your system is correct, and the private signing key of the organization (Raspbian in this case) has not been stolen.
Also note that, while there are reasons to not trust Russian government and anything related since their attack on Ukraine, or earlier, not all Russian people and organizations are implicitly untrustworthy. There is an opposition, or at least opposing thoughts and actors, even if heavily suppressed, and there are people and organizations which are just acting entirely unrelated to political actions, living their lives and doing their thing. Most Russian people are just victims as well, even if many may not realize it, as of heavy censorship and propaganda.
Not sure why http://raspbian.raspberrypi.com/raspbian is picking russia, my server is in the middle of the USA? This should not happen, and needs to be fixed.
Here’s how to fix it:
sudo find /etc/apt -type f -exec sed -i 's|http://raspbian.raspberrypi.com/raspbian|https://mirror.umd.edu/raspbian/raspbian|g' {} +
Nothing against the russian people, but F*ck Putin!
WAAAIT, you are breaking your system!! Do not switch from Raspbian to Debian, these are different architectures, ARMv6 vs ARMv7, incompatible!
See here the list of explicit Raspbian mirrors to choose from: RaspbianMirrors - Raspbian
There you also see the Russian mirrors.
Some can be also selected via dietpi-config network options: misc.
I don’t know how the mirror director MirrorBrain works, probably its GeoIP is inaccurate. Even if it would have been compromised, and that mirror as well, your APT would just throw a signature validation error and not download anything else from it.
Right, hence I would not claim Truenetwork or any other Russian mirror operator from the Raspbian mirror list to be untrustworthy, or unfit to host a Raspbian mirror. They do host open source software for people in and around Russia, which is generally a good thing, and the Debian APT package manager works a way that mirror operators do not even need to be trusted, to prevent system compromise even if any of them is hacked, or turning evil.