So my use case is that I need to install multiple opnsense firewalls in cloud and hypervisors like ESXi.
The provisioning MUST be unattended and will be fully automation.
I have managed to use a Jinja template and Python script to generate a config.xml from a XAML file with all settings. Users, interfaces, system settings and FW rules, passwords and certificates will be pulled from a vault during the process.
I have also managed to use VMware`s guestinfo feature and open-vm-tools to shared the config with the VM.
I added a service that checks if the config is different from the one in /conf/config.xml and replaces it.
During the process I also create a file that avoids having an loop in my auto-provision service.
I choosed that way as it is less work than creating an ISO image with the config and mount it to the VM.
Which I tried before and got stuck with the "press a key" from the installer.
I am stuck with the new config being overwritten, no matter how I restart the services.
So I tried to do it manually, saved the content of the guestinfo into a temp file, copied the temp file over the current configuration. (copy /tmp/config.xml /conf/config.xml)
But as soon as run any command like /usr/local/sbin/configctl the data in /conf/config.xml is replaced again.
I have tried to read the documentation to understand how exactly this works, but did not find any proper documentation.
Then I looked into opnsense-importer and as far as I can tell it just copies the config.xml from a mounted filesystem over /conf/config.xml and reboots.
So I tried to copy and reboot. But again the system comes up with the old configuration.
A Google search revealed that I am not alone with this problem, but I could not find a working answer.
Maybe some more experiences with opnsense could help to figure out how to setup opnsense VMs without the need for any manual intervention.
Maybe the bootstrap method is for you? You could look at my Vagrant project for ideas:
https://github.com/punktDe/vagrant-opnsense