Twingate Hyper-V Connector
Problem
Some environments - particularly in manufacturing, operations, and traditional enterprise IT - run entirely on Windows Server infrastructure with no Linux hosts available. The Twingate connector is Linux-based, which left these environments without a viable deployment path. Asking these customers to provision and manage a Linux server from scratch was a significant barrier that blocked Twingate adoption entirely.
Approach
Built PowerShell scripts that automate end-to-end connector provisioning on Windows Server via Hyper-V. The primary script (Deploy-TwingateConnector.ps1) handles API-driven connector record creation via the Twingate API, downloads the official Ubuntu 24.04 cloud image (~600 MB) on first run and caches it for reuse, converts and expands the disk to 20 GB VHDX using qemu-img, and provisions Gen2 Hyper-V VMs configured by a cloud-init NoCloud datasource ISO. VMs are named using the pattern TG-Connector-<RemoteNetwork>-<N> and default to 1 vCPU / 2 GB RAM (both customizable).
Security is built in by default. Each VM gets a freshly generated ED25519 SSH keypair stored alongside the VM files; the Ubuntu cloud image's default ubuntu user is disabled, and a random administrator account (e.g. tgadm + 4 random characters) is created with a 24-character random password that's printed at deploy time. The script supports five lifecycle actions - Deploy, Remove, UpdateConnector, UpdateOS, and List - covering the full connector lifecycle from a single tool. The List action reports state, IP, uptime, and connector ID for each VM. Batch deployment is supported via -ConnectorCount, and updates are applied sequentially via SSH with each VM verified ALIVE in Twingate before moving to the next. A companion Reset-TwingateConnectorEnvironment.ps1 utility cleans up all TG-Connector-* VMs and the associated vSwitch while intentionally preserving the cached Ubuntu image for efficient redeployment.
Outcome
Opens up Twingate deployment to Windows-only environments with fully automated provisioning. Admins comfortable with PowerShell get API-driven deployment with no manual token handling, deterministic security defaults, and lifecycle management for updates and removal - all from a single script. A legacy script using a pre-built Ubuntu 22.04 image is retained for simpler one-off use cases. Published under the Twingate-Solutions general scripts repository under Apache 2.0.