Skip to content

Instantly share code, notes, and snippets.

@jibaromar
Created June 27, 2023 19:57
Show Gist options
  • Save jibaromar/72138ac3c8503be28c3f7f597d4efc05 to your computer and use it in GitHub Desktop.
Save jibaromar/72138ac3c8503be28c3f7f597d4efc05 to your computer and use it in GitHub Desktop.
Packer source for building a pfSense template in Proxmox with SSHD enabled
proxmox_hostname = "https://ns1234567.ip-12-345-6.eu:8006"
proxmox_token_user = "packer@pam!packer"
proxmox_token = ""
#############################################################
# Proxmox variables
#############################################################
variable "proxmox_hostname" {
description = "Proxmox host address (e.g. https://192.168.1.1:8006)"
type = string
sensitive = true
}
variable "proxmox_token_user" {
description = "Proxmox token user (e.g. root@pam!root)"
type = string
sensitive = true
}
variable "proxmox_token" {
description = "Proxmox token for the provided proxmox_token_user"
type = string
sensitive = true
}
variable "proxmox_node_name" {
description = "Proxmox node"
type = string
}
variable "proxmox_insecure_skip_tls_verify" {
description = "Skip TLS verification?"
type = bool
default = true
}
#############################################################
# Template variables
#############################################################
variable "vm_id" {
description = "VM template ID"
type = number
default = 900
}
variable "vm_name" {
description = "VM name"
type = string
default = "pfSense-firewall"
}
variable "vm_storage_pool" {
description = "Storage where template will be stored"
type = string
default = "local-lvm"
}
variable "vm_storage_pool_type" {
description = "Type of storage where template will be stored"
type = string
default = "lvm"
}
variable "vm_cores" {
description = "VM amount of memory"
type = number
default = 2
}
variable "vm_memory" {
description = "VM amount of memory"
type = number
default = 2048
}
variable "vm_sockets" {
description = "VM amount of CPU sockets"
type = number
default = 1
}
variable "iso_checksum" {
type = string
description = "Checksum of the ISO file"
}
variable "iso_file" {
description = "Location of ISO file on the server. E.g. local:iso/<filename>.iso"
type = string
}
#############################################################
# OS Settings
#############################################################
variable "lan_ip" {
description = "IP of the LAN interface"
type = string
default = "192.168.1.1"
}
variable "lan_mask" {
description = "Mask of the LAN IP"
type = string
default = "24"
}
variable "wan_ip" {
description = "IP of the WAN interface"
type = string
default = "10.0.0.2"
}
variable "wan_mask" {
description = "Mask of the WAN IP"
type = string
default = "30"
}
variable "wan_gw" {
description = "Gateway of the WAN interface"
type = string
default = "10.0.0.1"
}
variable "pfsense_default_username" {
description = "Default pfsense username"
type = string
default = "root"
}
variable "pfsense_default_password" {
description = "Default pfsense password"
type = string
default = "pfsense"
}
source "proxmox-iso" "pfsense_template" {
proxmox_url = "${var.proxmox_hostname}/api2/json"
insecure_skip_tls_verify = var.proxmox_insecure_skip_tls_verify
username = var.proxmox_token_user
token = var.proxmox_token
node = var.proxmox_node_name
vm_name = var.vm_name
vm_id = var.vm_id
qemu_agent = false
memory = var.vm_memory
sockets = var.vm_sockets
cores = var.vm_cores
os = "other"
network_adapters {
model = "virtio"
bridge = "vmbr1"
firewall = true
}
network_adapters {
model = "virtio"
bridge = "vmbr2"
firewall = true
}
disks {
type = "virtio"
disk_size = "10G"
storage_pool = var.vm_storage_pool
storage_pool_type = var.vm_storage_pool_type
format = "qcow2"
}
ssh_host = var.lan_ip
ssh_username = var.pfsense_default_username
ssh_password = var.pfsense_default_password
ssh_timeout = "10m"
iso_file = var.iso_file
iso_checksum = var.iso_checksum
onboot = true
template_name = var.vm_name
unmount_iso = true
http_directory = "./http"
boot_wait = "45s"
boot_command = [
"<enter><wait2>", # Accept terms and conditions
"<enter><wait2>", # Install pfSense
"<enter><wait2>", # Continue with default keyboad mapping
"<enter><wait2>", # Auto (ZFS)
"<enter><wait2>", # Proceed with installation
"<enter><wait2>", # No redundancy
"<spacebar><enter><wait2>", # VirtIO Block Device
"y<wait1m>", # Confirm ZFS configuration
"n<wait2>", # No additional manual configuraton
"<enter><wait1.5m>", # Reboot
"n<enter><wait2>vtnet0<enter><wait2>vtnet1<enter><wait2>", # Setup WAN and LAN interfaces
"y<enter><wait4m>",
"14<enter>y<enter>", # Activate SSH
"2<enter>1<enter><wait1>n<enter><wait1>${var.wan_ip}<enter><wait2>${var.wan_mask}<enter>", # Setup WAN and LAN IP addresses
"${var.wan_gw}<enter><wait1>n<enter><wait1><enter><wait1>n<enter><wait5><enter>",
"2<enter>2<enter>n<enter>${var.lan_ip}<enter><wait2>${var.lan_mask}<enter>",
"<enter><wait1>n<enter><wait1>n<enter><wait5><enter>n<enter><wait1>n<enter><wait1><enter>"
]
}
build {
sources = [
"source.proxmox-iso.pfsense_template"
]
}
proxmox_insecure_skip_tls_verify = true
proxmox_node_name = "ns1234567"
vm_id = 900
vm_name = "pfSense-Firewall-template"
vm_storage_pool = "local"
vm_storage_pool_type = "directory"
vm_cores = 2
vm_memory = 2048
vm_sockets = 1
iso_file = "local:iso/pfSense-CE-2.6.0-RELEASE-amd64.iso"
iso_checksum = "f6520bb14a5e690c6533e4e8fbf4a48d2967f3bc35a713e716b9c64317a13f23"
lan_ip = "192.168.1.1"
lan_mask = "24"
wan_ip = "10.0.0.2"
wan_mask = "30"
wan_gw = "10.0.0.1"
pfsense_default_username = "root"
pfsense_default_password = "pfsense"
@jibaromar
Copy link
Author

Hi @Regis-Loyaute, I believe boot commands may vary across different versions of pfSense. I've adjusted this configuration for pfSense-CE-2.6.0-RELEASE. Could you please confirm if you're using the same version?

@Regis-Loyaute
Copy link

I am using the latest version 2.7.2, and it seems the boot-commands order as well is not in the right order.

@jibaromar
Copy link
Author

I see. Well, that confirms my suspicion. Unfortunately, you'll need to search for a specific boot commands configuration for your version. Alternatively, you can create one yourself by observing the boot setup and noting each step. Here's the documentation I used to create the boot commands I provided, in case you decide to create your own.

@Regis-Loyaute
Copy link

Thanks for your help, i have managed to make it work with a few tweaks, here is my repo: https://github.com/Regis-Loyaute/pfsense-packer-proxmox in case you want to see what i have changed.

@jibaromar
Copy link
Author

You're welcome! I'm glad you didn't have to start from scratch. And thank you for sharing 😊.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment