Created
June 27, 2023 19:57
Packer source for building a pfSense template in Proxmox with SSHD enabled
# Proxmox API endpoint and token (example values).
# Keep the real copy of this file out of version control; the token can be
# supplied through the PKR_VAR_proxmox_token environment variable instead of
# being written to disk.
proxmox_hostname   = "https://ns1234567.ip-12-345-6.eu:8006"
proxmox_token_user = "packer@pam!packer"
proxmox_token      = ""
# -----------------------------------------------------------
# Proxmox variables
# -----------------------------------------------------------

# Base URL of the Proxmox API host; the source block appends "/api2/json" to it.
# No default, so it must be supplied at build time.
variable "proxmox_hostname" {
  type        = string
  sensitive   = true
  description = "Proxmox host address (e.g. https://192.168.1.1:8006)"
}
# API token identifier, passed to the builder as `username`.
# The example in the description is a root token; the sample values on this
# page use a dedicated packer@pam!packer token instead, which keeps the blast
# radius smaller if the token leaks.
variable "proxmox_token_user" {
  type        = string
  sensitive   = true
  description = "Proxmox token user (e.g. root@pam!root)"
}
# Secret half of the API token. Marked sensitive so Packer redacts it in output;
# it has no default and must come from a var file or the environment.
variable "proxmox_token" {
  type        = string
  sensitive   = true
  description = "Proxmox token for the provided proxmox_token_user"
}
# Name of the Proxmox node the template is built on (required, no default).
variable "proxmox_node_name" {
  type        = string
  description = "Proxmox node"
}
# Controls certificate verification for the Proxmox API connection.
# NOTE(review): the default is true, i.e. the server certificate is NOT checked
# unless the caller overrides it. The API token is then sent over a TLS session
# whose peer is unauthenticated, so anything able to intercept the connection
# can capture it. Prefer setting this to false and trusting the Proxmox CA (or
# installing a valid certificate) wherever the build leaves a trusted network.
variable "proxmox_insecure_skip_tls_verify" {
  type        = bool
  default     = true
  description = "Skip TLS verification?"
}
# -----------------------------------------------------------
# Template variables
# -----------------------------------------------------------

# Numeric Proxmox VM ID assigned to the template.
variable "vm_id" {
  type        = number
  default     = 900
  description = "VM template ID"
}
# Name used by the source block for both `vm_name` and `template_name`.
variable "vm_name" {
  type        = string
  default     = "pfSense-firewall"
  description = "VM name"
}
# Proxmox storage that receives the template's disk.
variable "vm_storage_pool" {
  type        = string
  default     = "local-lvm"
  description = "Storage where template will be stored"
}
# Storage backend type matching vm_storage_pool (passed as `storage_pool_type`).
variable "vm_storage_pool_type" {
  type        = string
  default     = "lvm"
  description = "Type of storage where template will be stored"
}
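# Number of CPU cores per socket; the source block passes this to `cores`.
# The description previously read "VM amount of memory", a copy of vm_memory's text.
variable "vm_cores" {
  description = "VM amount of CPU cores"
  type        = number
  default     = 2
}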
# Memory assigned to the VM; passed to the builder's `memory` option
# (presumably megabytes, as 2048 suggests — confirm against the builder docs).
variable "vm_memory" {
  type        = number
  default     = 2048
  description = "VM amount of memory"
}
# Number of CPU sockets presented to the VM.
variable "vm_sockets" {
  type        = number
  default     = 1
  description = "VM amount of CPU sockets"
}
# Expected checksum of the installer ISO (required, no default).
# Take the value from the vendor's published checksum for the exact release in
# iso_file rather than hashing whatever copy is already on the node, otherwise
# the check only confirms the file matches itself.
variable "iso_checksum" {
  description = "Checksum of the ISO file"
  type        = string
}
# Proxmox volume reference of an ISO already uploaded to the node (required).
variable "iso_file" {
  type        = string
  description = "Location of ISO file on the server. E.g. local:iso/<filename>.iso"
}
# -----------------------------------------------------------
# OS Settings
# -----------------------------------------------------------

# Address typed into the pfSense console for the LAN interface. The source block
# also uses it as `ssh_host`, so the machine running Packer must be able to
# reach this address.
variable "lan_ip" {
  type        = string
  default     = "192.168.1.1"
  description = "IP of the LAN interface"
}
# Prefix length for the LAN address, kept as a string because it is typed into
# the console through boot_command.
variable "lan_mask" {
  type        = string
  default     = "24"
  description = "Mask of the LAN IP"
}
# Static address typed into the pfSense console for the WAN interface.
variable "wan_ip" {
  type        = string
  default     = "10.0.0.2"
  description = "IP of the WAN interface"
}
# Prefix length for the WAN address (string, typed through boot_command).
variable "wan_mask" {
  type        = string
  default     = "30"
  description = "Mask of the WAN IP"
}
# Upstream gateway entered for the WAN interface.
variable "wan_gw" {
  type        = string
  default     = "10.0.0.1"
  description = "Gateway of the WAN interface"
}
# Account Packer logs in with over SSH (`ssh_username`) once sshd is enabled.
variable "pfsense_default_username" {
  type        = string
  default     = "root"
  description = "Default pfsense username"
}
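# Password Packer uses for the SSH login (`ssh_password`).
# Marked sensitive so it is redacted from Packer output, matching how the
# Proxmox credentials above are declared.
# NOTE(review): the default is the installer's well-known password and nothing
# in this template changes it, so the finished template and every clone keep it
# (with sshd enabled) until it is rotated.
variable "pfsense_default_password" {
  description = "Default pfsense password"
  type        = string
  default     = "pfsense"
  sensitive   = true
}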
# Builds a pfSense template on Proxmox from an ISO already stored on the node.
# The installer and the console menu are driven entirely by typed keystrokes
# (boot_command); the waits are tuned to one installer version, so a different
# pfSense release will likely need the sequence re-checked step by step.
#
# NOTE(review): the template is left with sshd enabled and the same credentials
# Packer logged in with; no provisioner in this file changes them. Rotate the
# password (or move to key-only SSH) before a clone is attached to a real network.
source "proxmox-iso" "pfsense_template" {
  # --- Proxmox API connection ---
  proxmox_url = "${var.proxmox_hostname}/api2/json"
  username    = var.proxmox_token_user
  token       = var.proxmox_token
  node        = var.proxmox_node_name
  # When true, the API certificate is not verified and the token above travels
  # over an unauthenticated TLS session.
  insecure_skip_tls_verify = var.proxmox_insecure_skip_tls_verify

  # --- VM identity and template output ---
  vm_id         = var.vm_id
  vm_name       = var.vm_name
  template_name = var.vm_name
  onboot        = true

  # --- Hardware ---
  os         = "other"
  sockets    = var.vm_sockets
  cores      = var.vm_cores
  memory     = var.vm_memory
  qemu_agent = false

  # First NIC: assigned as WAN (vtnet0) by the boot commands below.
  network_adapters {
    model    = "virtio"
    bridge   = "vmbr1"
    firewall = true
  }

  # Second NIC: assigned as LAN (vtnet1) by the boot commands below.
  network_adapters {
    model    = "virtio"
    bridge   = "vmbr2"
    firewall = true
  }

  disks {
    type              = "virtio"
    disk_size         = "10G"
    format            = "qcow2"
    storage_pool      = var.vm_storage_pool
    storage_pool_type = var.vm_storage_pool_type
  }

  # --- Installer media ---
  iso_file     = var.iso_file
  iso_checksum = var.iso_checksum
  unmount_iso  = true

  # --- SSH communicator: Packer connects to the LAN address with password auth ---
  ssh_host     = var.lan_ip
  ssh_username = var.pfsense_default_username
  ssh_password = var.pfsense_default_password
  ssh_timeout  = "10m"

  # Directory offered by Packer's built-in HTTP server; the boot commands in
  # this file do not reference it.
  http_directory = "./http"

  # --- Unattended install via console keystrokes ---
  boot_wait = "45s"
  boot_command = [
    # Accept terms and conditions
    "<enter><wait2>",
    # Install pfSense
    "<enter><wait2>",
    # Continue with default keyboard mapping
    "<enter><wait2>",
    # Auto (ZFS)
    "<enter><wait2>",
    # Proceed with installation
    "<enter><wait2>",
    # No redundancy
    "<enter><wait2>",
    # VirtIO Block Device
    "<spacebar><enter><wait2>",
    # Confirm ZFS configuration
    "y<wait1m>",
    # No additional manual configuration
    "n<wait2>",
    # Reboot
    "<enter><wait1.5m>",
    # Set up WAN and LAN interfaces (vtnet0 / vtnet1); the leading "n"
    # presumably declines the VLAN prompt — verify on the console
    "n<enter><wait2>vtnet0<enter><wait2>vtnet1<enter><wait2>",
    # Presumably confirms the interface assignment, then waits for services to start
    "y<enter><wait4m>",
    # Activate SSH (console menu option 14)
    "14<enter>y<enter>",
    # Set WAN IP address and mask (menu option 2, interface 1)
    "2<enter>1<enter><wait1>n<enter><wait1>${var.wan_ip}<enter><wait2>${var.wan_mask}<enter>",
    # WAN gateway, then the remaining WAN prompts (answers are version-specific)
    "${var.wan_gw}<enter><wait1>n<enter><wait1><enter><wait1>n<enter><wait5><enter>",
    # Set LAN IP address and mask (menu option 2, interface 2)
    "2<enter>2<enter>n<enter>${var.lan_ip}<enter><wait2>${var.lan_mask}<enter>",
    # Remaining LAN prompts (answers are version-specific)
    "<enter><wait1>n<enter><wait1>n<enter><wait5><enter>n<enter><wait1>n<enter><wait1><enter>"
  ]
}
# Runs the single pfSense source defined in this file. There are no
# provisioners, so the image is exactly what the boot commands produce.
build {
  sources = ["source.proxmox-iso.pfsense_template"]
}
# Example (non-secret) variable values for the pfSense template build.

# --- Proxmox ---
# true disables certificate verification for the API connection that carries the
# token; set to false once the Proxmox certificate is trusted by the build host.
proxmox_insecure_skip_tls_verify = true
proxmox_node_name                = "ns1234567"

# --- Template ---
vm_id                = 900
vm_name              = "pfSense-Firewall-template"
vm_storage_pool      = "local"
vm_storage_pool_type = "directory"
vm_cores             = 2
vm_memory            = 2048
vm_sockets           = 1

# --- Installer ISO (the boot commands were written for this release) ---
iso_file     = "local:iso/pfSense-CE-2.6.0-RELEASE-amd64.iso"
iso_checksum = "f6520bb14a5e690c6533e4e8fbf4a48d2967f3bc35a713e716b9c64317a13f23"

# --- pfSense network settings ---
lan_ip   = "192.168.1.1"
lan_mask = "24"
wan_ip   = "10.0.0.2"
wan_mask = "30"
wan_gw   = "10.0.0.1"

# --- SSH login used during the build ---
# These are the installer's well-known credentials, and the template keeps them
# with sshd enabled; change the password on every clone before it is exposed.
pfsense_default_username = "root"
pfsense_default_password = "pfsense"
I am using the latest version, 2.7.2, and it seems the boot commands are also not in the right order.
I see. Well, that confirms my suspicion. Unfortunately, you'll need to search for a specific boot commands configuration for your version. Alternatively, you can create one yourself by observing the boot setup and noting each step. Here's the documentation I used to create the boot commands I provided, in case you decide to create your own.
Thanks for your help. I have managed to make it work with a few tweaks; here is my repo, in case you want to see what I have changed: https://github.com/Regis-Loyaute/pfsense-packer-proxmox
You're welcome! I'm glad you didn't have to start from scratch. And thank you for sharing 😊.
Hi @Regis-Loyaute, I believe boot commands may vary across different versions of pfSense. I've adjusted this configuration for
pfSense-CE-2.6.0-RELEASE
. Could you please confirm if you're using the same version?