diff --git a/tests/packer/debian.pkr.hcl b/tests/packer/debian.pkr.hcl
new file mode 100644
index 00000000..5f0a806a
--- /dev/null
+++ b/tests/packer/debian.pkr.hcl
@@ -0,0 +1,39 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+source "qemu" "debian-server" {
+  disk_image         = true
+  iso_url            = "https://cdimage.debian.org/images/cloud/${var.release.debian.codename}/latest/debian-${var.release.debian.version}-genericcloud-amd64.qcow2"
+  iso_checksum       = "file:https://cdimage.debian.org/images/cloud/${var.release.debian.codename}/latest/SHA512SUMS"
+  iso_target_path    = "${var.iso_dir}/debian-cloudimg-amd64.img"
+  cpus               = 4
+  memory             = 2048
+  disk_size          = "${var.disk_size}"
+  accelerator        = "kvm"
+  headless           = true
+  ssh_username       = "${var.username}"
+  ssh_password       = "${var.password}"
+  ssh_port           = 22
+  ssh_wait_timeout   = "1000s"
+  disk_compression   = true
+  disk_detect_zeroes = "unmap"
+  disk_discard       = "unmap"
+  output_directory   = "${var.output}/"
+  vm_name            = "${var.prefix}${source.name}.qcow2"
+  boot_wait          = "10s"
+  firmware           = "/usr/share/edk2-ovmf/x64/OVMF_CODE.fd"
+  shutdown_command   = "echo ${var.password} | sudo -S /sbin/shutdown -hP now"
+  cd_label           = "cidata"
+  cd_content = {
+    "meta-data" = ""
+    "user-data" = templatefile("${path.cwd}/packer/init/${source.name}.user-data.yml",
+      {
+        username = "${var.username}"
+        password = "${var.password}"
+        ssh_key  = file("${var.ssh_publickey}")
+        hostname = "${var.prefix}${source.name}"
+      }
+    )
+  }
+}
diff --git a/tests/packer/init/debian-server.user-data.yml b/tests/packer/init/debian-server.user-data.yml
new file mode 100644
index 00000000..59134f22
--- /dev/null
+++ b/tests/packer/init/debian-server.user-data.yml
@@ -0,0 +1,54 @@
+#cloud-config
+
+hostname: ${hostname}
+locale: en_IE
+keyboard:
+  layout: ie
+
+ssh_pwauth: true
+users:
+  - name: ${username}
+    plain_text_passwd: ${password}
+    shell: /bin/bash
+    ssh_authorized_keys:
+      - ${ssh_key}
+    lock_passwd: false
+    sudo: ALL=(ALL) NOPASSWD:ALL
+
+package_update: true
+package_upgrade: true
+package_reboot_if_required: false
+packages:
+  - apparmor-profiles
+  - build-essential 
+  - config-package-dev
+  - debhelper
+  - devscripts
+  - htop
+  - qemu-guest-agent
+  - rsync
+  - vim
+
+runcmd:
+  - apt-get update -y
+  - apt-get install -y -t bullseye-backports golang-go
+
+write_files:
+
+  - path: /etc/apt/sources.list
+    append: true
+    content: deb http://deb.debian.org/debian bullseye-backports main contrib non-free
+
+  # Network configuration
+  - path: /etc/systemd/network/20-wired.network
+    owner: 'root:root'
+    permissions: '0644'
+    content: |
+      [Match]
+      Name=en*
+
+      [Network]
+      DHCP=yes
+
+      [DHCPv4]
+      RouteMetric=10