Automated Windows Server 2022 template creation using HashiCorp Packer and Proxmox VE.
This project automates the creation of a Windows Server 2022 VM template on Proxmox using Packer. The template includes:
- Automated Windows installation via unattended.xml
- VirtIO drivers for optimal performance
- IIS (Internet Information Services) pre-installed
- Multi-phase provisioning with PowerShell scripts
- Sysprep generalization for template deployment
- Optional Windows Update integration
- HashiCorp Packer (>= 1.8.0)
- Proxmox VE server with API access
- Proxmox API token with appropriate permissions
Ensure these ISOs are uploaded to your Proxmox server in the local storage:
Win-Server-2022.iso- Windows Server 2022 installation mediavirtio-win.iso- VirtIO drivers for Windows
.
├── windows-server-2022.pkr.hcl # Main Packer configuration
├── variables.pkrvars.hcl # Variable definitions (API credentials)
├── build.sh # Build script
└── data2/ # Provisioning files
├── Autounattend.xml # Unattended Windows installation
├── bootstrap.ps1 # Initial WinRM setup
├── windows-init.ps1 # Windows initialization
├── phase-1.ps1 # Phase 1 provisioning
├── phase-2.ps1 # Phase 2 provisioning
├── phase-3.ps1 # Phase 3 provisioning
├── phase-4.windows-updates.ps1 # Windows updates
├── phase-5a.software.ps1 # Software installation
├── phase-5b.docker.ps1 # Docker installation
├── phase-5c.vagrant.ps1 # Vagrant setup
├── phase-5d.windows-compress.ps1 # Disk compression
├── install-iis.ps1 # IIS installation
├── extend-trial.cmd # Windows trial extension
└── unattend.xml # Sysprep answer file
Create or modify variables.pkrvars.hcl with your Proxmox credentials:
proxmox_api_url = "https://your-proxmox-server:8006/api2/json"
proxmox_api_token_id = "packer@pve!automation1"
proxmox_api_token_secret = "your-token-secret-here"
proxmox_insecure_skip_tls_verify = true
# vm_vlan_tag = "30" # Optional: Uncomment to set VLANSecurity Note: Never commit variables.pkrvars.hcl with real credentials to version control. Consider using environment variables instead:
export PROXMOX_API_URL="https://your-proxmox-server:8006/api2/json"
export PROXMOX_API_TOKEN_ID="packer@pve!automation1"
export PROXMOX_API_TOKEN_SECRET="your-token-secret"
export VM_VLAN_TAG="30" # OptionalEdit windows-server-2022.pkr.hcl to adjust:
- Node: Change
node = "pve3"to your Proxmox node name - Storage: Modify
storage_pool = "local-lvm"to your storage - Resources: Adjust
memory = "4096"andcores = "2"as needed - Network: Configure
bridge,vlan_tag, etc. - Disk Size: Change
disk_size = "50G"if needed
The default administrator password is set in the Packer config:
winrm_username = "Administrator"
winrm_password = "password"windows-server-2022.pkr.hcl(winrm_password)data2/Autounattend.xml(Administrator password)
Before first use, initialize required plugins:
packer init .chmod +x build.sh
./build.shpacker build -var-file=variables.pkrvars.hcl windows-server-2022.pkr.hclThe build typically takes 60 - 75 minutes and includes:
- VM Creation - Creates VM with specified resources
- Windows Installation - Automated via Autounattend.xml
- Driver Installation - VirtIO drivers from mounted ISO
- WinRM Setup - Establishes communication for provisioning
- Phase 1 Provisioning - Base configuration
- Restart - First reboot
- Phase 2 Provisioning - Additional setup
- IIS Installation - Installs web server role (currently disabled)
- Restart - Second reboot
- Optional Updates - Windows Update (if enabled)
- Disk Compression - Reduces template size
- Sysprep - Generalizes the image for deployment
- proxmox (>= 1.2.3) - Proxmox builder
- windows-update (0.15.0) - Windows Update provisioner
The build uses a multi-phase approach with WinRM reconfiguration after each restart:
# After each restart, WinRM must be reconfigured:
provisioner "powershell" {
inline = [
"winrm set winrm/config/service '@{AllowUnencrypted=\"true\"}'",
"winrm set winrm/config/client '@{AllowUnencrypted=\"true\"}'"
]
}Windows Updates are commented out by default for faster builds:
#provisioner "windows-update" {
# search_criteria = "IsInstalled=0"
# update_limit = 10
#}Uncomment this section in windows-server-2022.pkr.hcl to enable updates.
After successful build, the template win2022-baseline will be available in Proxmox:
- Right-click the template in Proxmox UI
- Select "Clone"
- Choose "Full Clone" or "Linked Clone"
- Deploy your new VM
The VM will boot and automatically run through OOBE (Out-of-Box Experience) with the settings from unattend.xml.
Build fails during Windows installation:
- Verify ISO files are present in Proxmox storage
- Check
Autounattend.xmlfor correct product key or remove it - Ensure sufficient resources (RAM/CPU) are allocated
WinRM timeout:
- Increase
winrm_timeoutin the source block - Check firewall rules in Proxmox
- Verify WinRM is enabled in
bootstrap.ps1
Sysprep fails:
- Review
C:\Windows\System32\Sysprep\Panther\setuperr.logon the VM - Ensure all provisioning scripts completed successfully
- Check
unattend.xmlsyntax
Run Packer with debug flag for detailed output:
PACKER_LOG=1 packer build -var-file=variables.pkrvars.hcl windows-server-2022.pkr.hcl- Change default passwords before production use
- Use secure API tokens with minimal required permissions
- Enable TLS verification (
proxmox_insecure_skip_tls_verify = false) with valid certificates - Review provisioning scripts before execution
- Keep credentials out of version control - use environment variables or secrets management
Add your software installation to provisioning scripts:
# In data2/phase-5a.software.ps1
choco install googlechrome -y
choco install notepadplusplus -yEdit data2/Autounattend.xml to customize:
- Regional settings
- Disk partitioning
- User accounts
- Windows features
Add additional provisioners in windows-server-2022.pkr.hcl:
provisioner "powershell" {
script = "./data2/your-custom-script.ps1"
}This project is provided as-is for educational and automation purposes.
Feel free to submit issues or pull requests for improvements.