Packer source for building a pfSense template in Proxmox with SSHD enabled

credentials.pkr.hcl

proxmox_hostname = "https://ns1234567.ip-12-345-6.eu:8006"
proxmox_token_user = "packer@pam!packer"
proxmox_token = ""

pfSense.pkr.hcl

  #############################################################
  # Proxmox variables
  #############################################################
  variable "proxmox_hostname" {
    description = "Proxmox host address (e.g. https://192.168.1.1:8006)"
    type = string
    sensitive = true
  }

  variable "proxmox_token_user" {
    description = "Proxmox token user (e.g. root@pam!root)"
    type = string
    sensitive = true
  }

  variable "proxmox_token" {
    description = "Proxmox token for the provided proxmox_token_user"
    type = string
    sensitive = true
  }

  variable "proxmox_node_name" {
    description = "Proxmox node"
    type = string
  }

  variable "proxmox_insecure_skip_tls_verify" {
    description = "Skip TLS verification?"
    type = bool
    default = true
  }

  #############################################################
  # Template variables
  #############################################################

  variable "vm_id" {
    description = "VM template ID"
    type = number
    default = 900
  }

  variable "vm_name" {
    description = "VM name"
    type = string
    default = "pfSense-firewall"
  }

  variable "vm_storage_pool" {
    description = "Storage where template will be stored"
    type = string
    default = "local-lvm"
  }

  variable "vm_storage_pool_type" {
    description = "Type of storage where template will be stored"
    type = string
    default = "lvm"
  }

  variable "vm_cores" {
    description = "VM amount of memory"
    type = number
    default = 2
  }

  variable "vm_memory" {
    description = "VM amount of memory"
    type = number
    default = 2048
  }

  variable "vm_sockets" {
    description = "VM amount of CPU sockets"
    type = number
    default = 1
  }

  variable "iso_checksum" {
    type = string
    description = "Checksum of the ISO file"
  }

  variable "iso_file" {
    description = "Location of ISO file on the server. E.g. local:iso/<filename>.iso"
    type = string
  }

  #############################################################
  # OS Settings
  #############################################################
  variable "lan_ip" {
    description = "IP of the LAN interface"
    type = string
    default = "192.168.1.1"
  }

  variable "lan_mask" {
    description = "Mask of the LAN IP"
    type = string
    default = "24"
  }

  variable "wan_ip" {
    description = "IP of the WAN interface"
    type = string
    default = "10.0.0.2"
  }

  variable "wan_mask" {
    description = "Mask of the WAN IP"
    type = string
    default = "30"
  }

  variable "wan_gw" {
    description = "Gateway of the WAN interface"
    type = string
    default = "10.0.0.1"
  }

  variable "pfsense_default_username" {
    description = "Default pfsense username"
    type = string
    default = "root"
  }

  variable "pfsense_default_password" {
    description = "Default pfsense password"
    type = string
    default = "pfsense"
  }

  source "proxmox-iso" "pfsense_template" {
    proxmox_url               = "${var.proxmox_hostname}/api2/json"
    insecure_skip_tls_verify 	= var.proxmox_insecure_skip_tls_verify
    username                  = var.proxmox_token_user
    token                     = var.proxmox_token
    node                      = var.proxmox_node_name

    vm_name   = var.vm_name
    vm_id     = var.vm_id

    qemu_agent = false

    memory    = var.vm_memory
    sockets   = var.vm_sockets
    cores     = var.vm_cores
    os        = "other"

    network_adapters {
          model   = "virtio"
          bridge  = "vmbr1"
          firewall = true
    }

    network_adapters {
          model   = "virtio"
          bridge  = "vmbr2"
          firewall = true
    }

    disks {
      type              = "virtio"
      disk_size         = "10G"
      storage_pool      = var.vm_storage_pool
      storage_pool_type = var.vm_storage_pool_type
      format            = "qcow2"
    }

    ssh_host              = var.lan_ip
    ssh_username          = var.pfsense_default_username
    ssh_password          = var.pfsense_default_password
    ssh_timeout           = "10m"

    iso_file              = var.iso_file
    iso_checksum          = var.iso_checksum

    onboot                = true

    template_name         = var.vm_name
    unmount_iso           = true

    http_directory        = "./http"
    boot_wait             = "45s"
    boot_command = [
          "<enter><wait2>", # Accept terms and conditions
          "<enter><wait2>", # Install pfSense
          "<enter><wait2>", # Continue with default keyboad mapping
          "<enter><wait2>", # Auto (ZFS)
          "<enter><wait2>", # Proceed with installation
          "<enter><wait2>", # No redundancy
          "<spacebar><enter><wait2>", # VirtIO Block Device
          "y<wait1m>", # Confirm ZFS configuration
          "n<wait2>", # No additional manual configuraton
          "<enter><wait1.5m>", # Reboot
          "n<enter><wait2>vtnet0<enter><wait2>vtnet1<enter><wait2>", # Setup WAN and LAN interfaces
          "y<enter><wait4m>",
          "14<enter>y<enter>", # Activate SSH
          "2<enter>1<enter><wait1>n<enter><wait1>${var.wan_ip}<enter><wait2>${var.wan_mask}<enter>", # Setup WAN and LAN IP addresses
          "${var.wan_gw}<enter><wait1>n<enter><wait1><enter><wait1>n<enter><wait5><enter>",
          "2<enter>2<enter>n<enter>${var.lan_ip}<enter><wait2>${var.lan_mask}<enter>",
          "<enter><wait1>n<enter><wait1>n<enter><wait5><enter>n<enter><wait1>n<enter><wait1><enter>"
    ]
  }

  build {
    sources = [
      "source.proxmox-iso.pfsense_template"
    ]
  } 

variables.pkr.hcl

proxmox_insecure_skip_tls_verify = true
proxmox_node_name = "ns1234567"
vm_id = 900
vm_name = "pfSense-Firewall-template"
vm_storage_pool = "local"
vm_storage_pool_type = "directory"
vm_cores = 2
vm_memory = 2048
vm_sockets = 1
iso_file = "local:iso/pfSense-CE-2.6.0-RELEASE-amd64.iso"
iso_checksum = "f6520bb14a5e690c6533e4e8fbf4a48d2967f3bc35a713e716b9c64317a13f23"
lan_ip = "192.168.1.1"
lan_mask = "24"
wan_ip = "10.0.0.2"
wan_mask = "30"
wan_gw = "10.0.0.1"
pfsense_default_username = "root"
pfsense_default_password = "pfsense"

Hi it seems that during the installation process the boot-command config doesn't select properly the disk, do you have any ideas ?

Hi @Regis-Loyaute, I believe boot commands may vary across different versions of pfSense. I've adjusted this configuration for pfSense-CE-2.6.0-RELEASE. Could you please confirm if you're using the same version?

I am using the latest version 2.7.2, and it seems the boot-commands order as well is not in the right order.

I see. Well, that confirms my suspicion. Unfortunately, you'll need to search for a specific boot commands configuration for your version. Alternatively, you can create one yourself by observing the boot setup and noting each step. Here's the documentation I used to create the boot commands I provided, in case you decide to create your own.

Thanks for your help, i have managed to make it work with a few tweaks, here is my repo: https://github.com/Regis-Loyaute/pfsense-packer-proxmox in case you want to see what i have changed.

You're welcome! I'm glad you didn't have to start from scratch. And thank you for sharing 😊.