Add Ubuntu Server initial draft

2021-06-07 13:19:00 +02:00
parent b75694479a
commit 04c9eb4f03
53 changed files with 124 additions and 1334 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -16,17 +16,15 @@ steps:
  commands:
  - yamllint --version
  - packer --version
-  - pwsh --version
+  - ansible --version
  - ovftool --version
- name: Windows 10
+- name: Ubuntu Server 20.04
  image: bv11-cr01.bessems.eu/library/packer-extended
  pull: always
  commands:
  - sed -i -e "s/<<img-productkey>>/$${PRODUCTKEY}/" packer/preseed/Windows10/Autounattend.xml
  - |
-    sed -i -e "s/<<img-password>>/$${WINRM_PASSWORD}/g" \
+    sed -i -e "s/<<img-password>>/$${SSH_PASSWORD}/g" \
-      packer/preseed/Windows10/Autounattend.xml \
+      packer/preseed/UbuntuServer20.04/user-data
      packer/preseed/Windows10/Sysprep_Unattend.xml
  - |
    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" scripts
  - |
@@ -35,33 +33,31 @@ steps:
  - |
    packer validate \
      -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-      -var vm_guestos=win10 \
+      -var vm_guestos=ubuntuserver20.04 \
      -var repo_username=$${REPO_USERNAME} \
      -var repo_password=$${REPO_PASSWORD} \
      -var vsphere_password=$${VSPHERE_PASSWORD} \
-      -var winrm_password=$${WINRM_PASSWORD} \
+      -var ssh_password=$${WINRM_PASSWORD} \
      ./packer
  - |
    packer build \
      -on-error=cleanup \
      -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
-      -var vm_guestos=win10 \
+      -var vm_guestos=ubuntuserver20.04 \
      -var repo_username=$${REPO_USERNAME} \
      -var repo_password=$${REPO_PASSWORD} \
      -var vsphere_password=$${VSPHERE_PASSWORD} \
-      -var winrm_password=$${WINRM_PASSWORD} \
+      -var ssh_password=$${WINRM_PASSWORD} \
      ./packer
  environment:
    VSPHERE_PASSWORD:
      from_secret: vsphere_password
-    WINRM_PASSWORD:
+    SSH_PASSWORD:
-      from_secret: winrm_password
+      from_secret: ssh_password
    REPO_USERNAME:
      from_secret: repo_username
    REPO_PASSWORD:
      from_secret: repo_password
    PRODUCTKEY:
      from_secret: prodkey_win10
    # PACKER_LOG: 1
  volumes:
  - name: output
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
@@ -1,16 +0,0 @@
 script = <<-EOH
 $nic = get-netadapter
 Get-NetAdapterBinding –InterfaceAlias $nic.name –ComponentID ms_tcpip6
 EOH
 control "ipv6" do
    title 'Disabled network protocol IPv6'
    desc '
        This test assures that IPv6 is disabled
    '
    describe powershell(script) do
        its('stdout') { should match 'False' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Disabled
@@ -1,29 +0,0 @@
 script = <<-EOH
  # Initialize variable to empty array
  $NonCompliantServices = @()
  # Specify relevant services
  $Services = @(
      "wuauserv",
      "W3SVC",
      "XboxGipSvc",
      "XblGameSave"
  )
  # Enumerate all services
  $NonCompliantServices += Get-Service $Services -ErrorAction 'SilentlyContinue' | Where-Object {$_.StartType -ne 'Disabled'}
  # Output; 'True' or list of noncompliant services
  Write-Output ($True, $NonCompliantServices)[!($NonCompliantServices.Count -eq 0)]
 EOH
 control "disabled_services" do
    title 'Disabled services'
    desc '
        This test assures that all unneeded services are set to "disabled".
    '
    describe powershell(script) do
        its('stdout') { should match 'True' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Single
@@ -1,29 +0,0 @@
 script = <<-EOH
  # Initialize variable to empty array
  $LogicalDisks = @()
  # Enumerate all logicaldisks
  # DriveType:
  #  Unknown (0)
  #  No Root Directory (1)
  #  Removable Disk (2)
  #  Local Disk (3)
  #  Network Drive (4)
  #  Compact Disc (5)
  #  RAM Disk (6)
  $LogicalDisks += Get-WmiObject -Class 'win32_logicaldisk' -Filter 'DriveType=3'
  # Filter/Quantify
  ($LogicalDisks.Count -eq 1) -and (($LogicalDisks | Where-Object {$_.DeviceID -ne 'C:'}).Count -eq 0)
 EOH
 control "single_disk" do
    title 'Single Disk'
    desc '
        This test assures that only a single disk (C:) is available
    '
    describe powershell(script) do
        its('stdout') { should match 'True' }
    end
 end
--- a/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software
+++ b/inspec/Windows10IoTEnterprise/profile/controls/Win10/Software
@@ -1,54 +0,0 @@
 control "software_installed-7zip" do
    title 'Included Default Applications: 7-Zip'
    desc '
        This test assures that the software application "7-Zip" is installed.
    '
    describe chocolatey_package('7zip.install') do
        it { should be_installed }
    end
 end
 # control "software_installed-dotnetfx" do
 #     title 'Included Default Applications: .NET'
 #     desc '
 #         This test assures that the software application ".NET" is installed.
 #     '
 #     describe chocolatey_package('dotnetfx') do
 #         it { should be_installed }
 #     end
 # end
 # control "software_installed-foxitreader" do
 #    title 'Included Default Applications: Foxit Reader'
 #    desc '
 #        This test assures that the software application "Foxit Reader" is installed.
 #    '
 #    describe chocolatey_package('foxitreader') do
 #        it { should be_installed }
 #    end
 # end
 # control "software_installed-notepadplusplus" do
 #     title 'Included Default Applications: Notepad++'
 #     desc '
 #         This test assures that the software application "Notepad++" is installed.
 #     '
 #     describe chocolatey_package('notepadplusplus') do
 #         it { should be_installed }
 #     end
 # end
 # control "software_installed-putty" do
 #     title 'Included Default Applications: Putty'
 #     desc '
 #         This test assures that the software application "PuTTy" is installed.
 #     '
 #     describe chocolatey_package('putty') do
 #         it { should be_installed }
 #     end
 # end
--- a/inspec/Windows10IoTEnterprise/profile/inspec.yml
+++ b/inspec/Windows10IoTEnterprise/profile/inspec.yml
@@ -1,10 +0,0 @@
 ---
 name: Windows 10 IoT Enterprise
 title: Windows 10 IoT Enterprise InSpec Tests
 summary: Unit test for Windows 10 IoT Enterprise
 version: 1.0.0
 maintainer: https://code.spamasaurus.com/djpbessems
 copyright: https://code.spamasaurus.com/djpbessems
 license: Proprietary
 supports:
  - platform-family: windows
--- a/packer/preseed/UbuntuServer20.04/user-data
+++ b/packer/preseed/UbuntuServer20.04/user-data
@@ -0,0 +1,29 @@
 #cloud-config
 autoinstall:
  version: 1
  locale: en_US
  keyboard:
    layout: en
    variant: us
  network:
    network:
      version: 2
      ethernets:
        ens192:
          dhcp4: true
  storage:
    layout:
      name: lvm
  identity:
    hostname: packer-template
    username: root
    password: <<ssh-password>>
  ssh:
    install-server: yes
    allow-pw: true
 #    authorized-keys: 
 #      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCi9eAu6KBaShdcL4pxi6/sJp+IS6nCKexcjQdwFLxg+EoiT2MTAnMsjnfi570het+VV+iOigcZLuRwEcAPh6rSQOtpikmpV6WFjzToWq9aUxDrxWsp/iEPHp+sbjrlsdnGvLGY9XhmPs9s5I8xFQbwF6ilhMIQm+RxtGJJuPUWaF+uXo+3CB91A6bK/rjs97iAjrPZRs0vo5hJGqrIGFi3WP9hf8hF9oWz2BiLRYBib3il6lsAl4Ca0sI//gNM0Ztj4gB7qv1+uPz157bk0IZoN285/72l/rUZVSPIwO+QFZFK07FsyVrpAgMlHk65BiSAO4DtolZEArfXRE1g1DH/ mail@example.com
  user-data:
    disable_root: false
 #  late-commands:
 #    - echo 'ubnt ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
--- a/packer/preseed/Windows10/Autounattend.xml
+++ b/packer/preseed/Windows10/Autounattend.xml
@@ -1,159 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <servicing/>
    <settings pass="windowsPE">
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <DiskConfiguration>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Order>1</Order>
                            <Type>Primary</Type>
                            <Extend>true</Extend>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Extend>false</Extend>
                            <Format>NTFS</Format>
                            <Letter>C</Letter>
                            <Order>1</Order>
                            <PartitionID>1</PartitionID>
                            <Label>Windows 10</Label>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>0</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
                <WillShowUI>OnError</WillShowUI>
            </DiskConfiguration>
            <UserData>
                <AcceptEula>true</AcceptEula>
                <!-- <FullName>Spamasaurus Rex</FullName>
                <Organization>Spamasaurus Rex</Organization> -->
                <ProductKey>
                    <Key><<img-productkey>></Key>
                    <WillShowUI>Never</WillShowUI>
                </ProductKey>
            </UserData>
            <ImageInstall>
                <OSImage>
                    <InstallTo>
                        <DiskID>0</DiskID>
                        <PartitionID>1</PartitionID>
                    </InstallTo>
                    <WillShowUI>OnError</WillShowUI>
                    <InstallToAvailablePartition>false</InstallToAvailablePartition>
                    <InstallFrom>
                        <MetaData wcm:action="add">
                            <Key>/IMAGE/INDEX</Key>
                            <Value>3</Value>
                        </MetaData>
                    </InstallFrom>
                </OSImage>
            </ImageInstall>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-US</UILanguageFallback>
            <UserLocale>en-US</UserLocale>
        </component>
    </settings>
    <settings pass="offlineServicing">
        <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <EnableLUA>false</EnableLUA>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <UserAccounts>
                <AdministratorPassword>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
            </UserAccounts>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Home</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
            </OOBE>
            <AutoLogon>
                <Password>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </Password>
                <Username>administrator</Username>
                <Enabled>true</Enabled>
            </AutoLogon>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
                    <Description>Set execution policy 64bit</Description>
                    <Order>1</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
                    <Description>Set execution policy 32bit</Description>
                    <Order>2</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c reg add "HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine>
                    <Description>Disable new network prompt</Description>
                    <Order>3</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Set-NetworkProfile.ps1</CommandLine>
                    <Description>Set network profile to private</Description>
                    <Order>4</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Disable-WinRM.ps1</CommandLine>
                    <Description>Disable WinRM</Description>
                    <Order>5</Order>
                    <RequiresUserInput>true</RequiresUserInput>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c a:\Install-VMwareTools.cmd</CommandLine>
                    <Order>13</Order>
                    <Description>Install VMware Tools</Description>
                </SynchronousCommand>
                <SynchronousCommand wcm:action="add">
                    <CommandLine>cmd.exe /c C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\Enable-WinRM.ps1</CommandLine>
                    <Description>Enable WinRM</Description>
                    <Order>99</Order>
                </SynchronousCommand>
            </FirstLogonCommands>
            <ShowWindowsLive>false</ShowWindowsLive>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <OEMInformation>
                <HelpCustomized>false</HelpCustomized>
            </OEMInformation>
            <!-- Rename computer here. -->
            <ComputerName>packer-template</ComputerName>
            <TimeZone>W. Europe Standard Time</TimeZone>
            <RegisteredOwner/>
        </component>
        <component xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
    </settings>
 </unattend>
--- a/packer/preseed/Windows10/Sysprep_Unattend.xml
+++ b/packer/preseed/Windows10/Sysprep_Unattend.xml
@@ -1,42 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="generalize">
        <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipRearm>1</SkipRearm>
        </component>
        <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
            <DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <SkipMachineOOBE>true</SkipMachineOOBE>
                <SkipUserOOBE>true</SkipUserOOBE>
            </OOBE>
            <TimeZone>UTC</TimeZone>
            <UserAccounts>
                <AdministratorPassword>
                    <Value><<img-password>></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
            </UserAccounts>
        </component>
    </settings>
    <settings pass="specialize">
    </settings>
 </unattend>
--- a/packer/ubuntuserver20.04.pkr.hcl
+++ b/packer/ubuntuserver20.04.pkr.hcl
@@ -0,0 +1,84 @@
 packer {
  required_plugins {
  }
 }
 source "vsphere-iso" "ubuntuserver" {
  vcenter_server          = var.vcenter_server
  username                = var.vsphere_username
  password                = var.vsphere_password
  insecure_connection     = "true"
  vm_name                 = "${var.vm_guestos}-${var.vm_name}"
  datacenter              = var.vsphere_datacenter
  host                    = var.vsphere_host
  folder                  = var.vsphere_folder
  datastore               = var.vsphere_datastore
  guest_os_type           = "ubuntu64Guest"
  boot_order              = "disk,cdrom"
  boot_command            = [
    "<enter><wait2><enter><wait><f6><esc><wait>",
    " autoinstall<wait2> ds=nocloud;",
    "<wait><enter>"
  ]
  boot_wait               = "2s"
  communicator            = "ssh"
  winrm_username          = "root"
  winrm_password          = var.ssh_password
  winrm_timeout           = "10m"
  CPUs                    = 2
  RAM                     = 4096
  network_adapters {
    network               = var.vsphere_network
    network_card          = "vmxnet3"
  }
  storage {
    disk_size             = 20480
    disk_thin_provisioned = true
  }
  disk_controller_type    = ["pvscsi"]
  usb_controller          = ["xhci"]
  cd_files                = [
    "packer/preseed/UbuntuServer20.04/*"
  ]
  cd_label                = "cidata"
  iso_checksum            = "sha256:D1F2BF834BBE9BB43FAF16F9BE992A6F3935E65BE0EDECE1DEE2AA6EB1767423"
  iso_url                 = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Canonical/Ubuntu%20Server%2020.04/ubuntu-20.04.2-live-server-amd64.iso"
  shutdown_command        = "echo '${var.ssh_password}' | sudo -S shutdown -P now"
  shutdown_timeout        = "5m"
  export {
    images                = false
    output_directory      = "/scratch/ubuntuserver"
  }
  remove_cdrom            = true
 }
 build {
  sources = ["source.vsphere-iso.ubuntuserver"]
  // provisioner "file" {
  //   destination = ""
  //   source      = ""
  // }
  post-processor "shell-local" {
    inline = [
      "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
      " -OVFFile '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
      "pwsh -file scripts/Update-Manifest.ps1 \\",
      " -ManifestFileName '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.mf'",
      "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
      " '/scratch/ubuntuserver/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " /output/UbuntuServer20.04.ova"
    ]
  }
 }
--- a/packer/variables.pkr.hcl
+++ b/packer/variables.pkr.hcl
@@ -12,7 +12,7 @@ variable "vsphere_network" {}
 variable "vm_name" {}
 variable "vm_guestos" {}
-variable "winrm_password" {}
+variable "ssh_password" {}
 variable "repo_username" {}
 variable "repo_password" {}
--- a/packer/windows10.pkr.hcl
+++ b/packer/windows10.pkr.hcl
@@ -1,133 +0,0 @@
 packer {
  required_plugins {
    windows-update = {
      version = ">= 0.12.0"
      source  = "github.com/rgl/windows-update"
    }
  }
 }
 source "vsphere-iso" "win10" {
  vcenter_server          = var.vcenter_server
  username                = var.vsphere_username
  password                = var.vsphere_password
  insecure_connection     = "true"
  vm_name                 = "${var.vm_guestos}-${var.vm_name}"
  datacenter              = var.vsphere_datacenter
  host                    = var.vsphere_host
  folder                  = var.vsphere_folder
  datastore               = var.vsphere_datastore
  guest_os_type           = "windows9_64Guest"
  boot_order              = "disk,cdrom"
  boot_command            = [""]
  boot_wait               = "5m"
  communicator            = "winrm"
  winrm_username          = "administrator"
  winrm_password          = var.winrm_password
  winrm_timeout           = "10m"
  CPUs                    = 2
  RAM                     = 8192
  network_adapters {
    network               = var.vsphere_network
    network_card          = "vmxnet3"
  }
  storage {
    disk_size             = 20480
    disk_thin_provisioned = true
  }
  disk_controller_type    = ["lsilogic-sas"]
  usb_controller          = ["xhci"]
  floppy_files            = [
    "packer/preseed/Windows10/Autounattend.xml",
    "packer/preseed/Windows10/Sysprep_Unattend.xml",
    "scripts/Set-NetworkProfile.ps1",
    "scripts/Disable-WinRM.ps1",
    "scripts/Enable-WinRM.ps1",
    "scripts/Install-VMwareTools.cmd"
  ]
  iso_checksum            = "sha256:8D1663B71280533824CF95C7AB48ADAF5A187C38FCFF5B16A569F903688916D0"
  iso_paths               = [
    "ISO-files/VMware-tools-windows-11.2.1-17243207/VMware-tools-windows-11.2.1-17243207.iso"
  ]
  iso_url                 = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Microsoft/Windows%2010/20H2/en_windows_10_enterprise_20H2_x64.iso"
  shutdown_command        = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
  shutdown_timeout        = "1h"
  export {
    images                = false
    output_directory      = "/scratch/win10"
  }
  remove_cdrom            = true
 }
 build {
  sources = ["source.vsphere-iso.win10"]
  provisioner "windows-update" {
    filters = [
      "exclude:$_.Title -like '*Preview*'",
      "include:$true"
    ]
  }
  provisioner "powershell" {
    inline = [
      "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12",
      "Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
    ]
  }
  provisioner "powershell" {
    inline = [
      "choco config set --name=limit-output --value=LimitOutput",
      "choco install -y 7zip.install",
      "choco install -y sysinternals",
      "choco install -y firefox"
    ]
  }
  provisioner "windows-update" {
    filters = [
      "exclude:$_.Title -like '*Preview*'",
      "include:$true"
    ]
  }
  provisioner "powershell" {
    inline = [
      "New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False"
    ]
  }
  provisioner "file" {
    destination = "C:\\Payload\\"
    source      = "scripts/Windows10/payload/"
  }
  provisioner "powershell" {
    scripts = [
      "scripts/Windows10/Register-ScheduledTask.ps1"
    ]
  }
  post-processor "shell-local" {
    inline = [
      "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
      " -OVFFile '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
      "pwsh -file scripts/Update-Manifest.ps1 \\",
      " -ManifestFileName '/scratch/win10/${var.vm_guestos}-${var.vm_name}.mf'",
      "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
      " '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
      " /output/Windows10.ova"
    ]
  }
 }
--- a/scripts/Disable-WinRM.ps1
+++ b/scripts/Disable-WinRM.ps1
@@ -1,8 +0,0 @@
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
 netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
 $winrmService = Get-Service -Name WinRM
 if ($winrmService.Status -eq "Running"){
    Disable-PSRemoting -Force
 }
 Stop-Service winrm
 Set-Service -Name winrm -StartupType Disabled
--- a/scripts/Enable-WinRM.ps1
+++ b/scripts/Enable-WinRM.ps1
@@ -1,18 +0,0 @@
 $NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
 $Connections = $NetworkListManager.GetNetworkConnections()
 $Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) }
 Enable-PSRemoting -Force
 winrm quickconfig -q
 winrm quickconfig -transport:http
 winrm set winrm/config '@{MaxTimeoutms="1800000"}'
 winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}'
 winrm set winrm/config/service '@{AllowUnencrypted="true"}'
 winrm set winrm/config/service/auth '@{Basic="true"}'
 winrm set winrm/config/client/auth '@{Basic="true"}'
 winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}'
 netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow
 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public new remoteip=any
 Set-Service winrm -startuptype "auto"
 Restart-Service winrm
--- a/scripts/Install-VMwareTools.cmd
+++ b/scripts/Install-VMwareTools.cmd
@@ -1,2 +0,0 @@
@rem Silent mode, basic UI, no reboot
 e:\setup64 /s /v "/qb REBOOT=R"
--- a/scripts/MVMC/BlockList.xml
+++ b/scripts/MVMC/BlockList.xml
@@ -1,73 +0,0 @@
 <?xml version="1.0"  encoding="utf-8" ?>
 <BlockList>
    <!-- services to disable -->
    <Services>
 		<Name>MVMCP2VAgent</Name>
 		<Name>VMTools</Name>
 		<Name> VMUpgradeHelper </Name>
 		<Name> vmvss </Name>
        <Name>vmdesched</Name>
        <Name>Virtual Server</Name>
        <!-- Virtual Machine Helper -->
        <Name>vmh</Name>
        <!-- Xen-specific service -->
        <Name>xensvc</Name>
    </Services>
    <!-- drivers to disable -->
    <Drivers>
        <Name>vmx_svga</Name>
        <Name>vmmouse</Name>
        <Name>vmscsi</Name>
        <Name>amdpcn</Name>
        <Name>PCnet</Name>
        <Name>VMMEMCTL</Name>
        <Name> pvscsi </Name>
        <Name> vmci </Name>
        <Name> vmmouse </Name>
        <Name> vmaudio </Name>
        <Name> vmrawdsk </Name>
        <Name> vmxnet </Name>
        <Name> vmxnet3ndis6 </Name>
        <Name> vm3dmp </Name>
        <Name> vmdebug </Name>
        <Name> vmxnet3ndis5 </Name>
        <Name>cirrus</Name>
        <!-- storage drivers -->
        <Name>buslogic</Name>
        <Name>symc810</Name>
        <Name>cpqarray</Name>
        <Name>pcntn4m</Name>
        <Name>cpqnf3</Name>
        <Name>MRaidNT</Name>
        <Name>Symc8XX</Name>
        <!-- VIA chipset drivers -->
        <Name>viaide</Name>
        <Name>VIAudio</Name>
        <Name>VIAPFD</Name>
        <Name>viafilter</Name>
        <Name>viaagp</Name>
        <Name>viaagp1</Name>
        <!-- network drivers: Intel(R) PRO/100 -->
        <Name>E100B</Name>
        <!-- tape drivers -->
        <Name>4mmdat</Name>
        <Name>4mmdat-SeSFT</Name>
        <Name>SCSIChanger</Name>
        <!-- Virtual Machine Monitor -->
        <Name>vmm</Name>
        <!-- Xen-specific drivers -->
        <Name>xenevtchn</Name>
        <Name>xenvbd</Name>
        <Name>xennet</Name>
    </Drivers>
    <Programs>
        <Name>ProMON</Name>
        <Name>s3tray2</Name>
        <Name>VMwareTray</Name>
        <Name>VMwareUser</Name>
    </Programs>
 </BlockList>
--- a/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Framework.Core.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Framework.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Framework.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.Engine.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshCommon.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x64.dll
--- a/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll
+++ b/scripts/MVMC/Microsoft.Accelerators.Mvmc.ScxSshWrapper_x86.dll
--- a/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll
+++ b/scripts/MVMC/Microsoft.Practices.ServiceLocation.dll
--- a/scripts/MVMC/Microsoft.Practices.Unity.dll
+++ b/scripts/MVMC/Microsoft.Practices.Unity.dll
--- a/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll
+++ b/scripts/MVMC/Microsoft.Samples.WindowsAzure.ServiceManagement.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.CloudService.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ConsoleAppUtils.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Service.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceBus.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.ServiceManagement.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.SqlDatabase.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Sync.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Tools.Vhd.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.Websites.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Management.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Management.dll
--- a/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll
+++ b/scripts/MVMC/Microsoft.WindowsAzure.Storage.dll
--- a/scripts/MVMC/MvmcCmdlet.dll
+++ b/scripts/MVMC/MvmcCmdlet.dll
--- a/scripts/MVMC/MvmcCmdlet.psd1
+++ b/scripts/MVMC/MvmcCmdlet.psd1
--- a/scripts/MVMC/Sshlib_x64.dll
+++ b/scripts/MVMC/Sshlib_x64.dll
--- a/scripts/MVMC/Sshlib_x86.dll
+++ b/scripts/MVMC/Sshlib_x86.dll
--- a/scripts/MVMC/System.Reactive.Core.dll
+++ b/scripts/MVMC/System.Reactive.Core.dll
--- a/scripts/MVMC/System.Reactive.Interfaces.dll
+++ b/scripts/MVMC/System.Reactive.Interfaces.dll
--- a/scripts/MVMC/System.Reactive.Linq.dll
+++ b/scripts/MVMC/System.Reactive.Linq.dll
--- a/scripts/MVMC/System.Reactive.PlatformServices.dll
+++ b/scripts/MVMC/System.Reactive.PlatformServices.dll
--- a/scripts/MVMC/System.Reactive.Providers.dll
+++ b/scripts/MVMC/System.Reactive.Providers.dll
--- a/scripts/MVMC/System.Reactive.Windows.Threading.dll
+++ b/scripts/MVMC/System.Reactive.Windows.Threading.dll
--- a/scripts/Remove-Resources.ps1
+++ b/scripts/Remove-Resources.ps1
@@ -1,51 +0,0 @@
 [CmdletBinding()]
 Param(
    [Parameter(Mandatory)]
    [string]$VMName,
    [Parameter(Mandatory)]
    [string]$VSphereFQDN,
    [Parameter(Mandatory)]
    [string]$VSphereUsername,
    [Parameter(Mandatory)]
    [string]$VSpherePassword
 )
 $PowerCliConfigurationSplat = @{
    Scope                    = 'User'
    ParticipateInCEIP        = $False
    Confirm                  = $False
    InvalidCertificateAction = 'Ignore'
 }
 Set-PowerCLIConfiguration @PowerCliConfigurationSplat | Out-Null
 $ConnectVIServerSplat = @{
    Server        = $VSphereFQDN
    User          = "$VSphereUsername"
    Password      = "$VSpherePassword"
    WarningAction = 'SilentlyContinue'
 }
 Connect-VIServer @ConnectVIServerSplat | Out-Null
 $GetVMSplat = @{
    Name        = "*$($VMName)*"
    ErrorAction = 'SilentlyContinue'
 }
 If ([boolean](Get-VM @GetVMSplat)) {
    $RemoveVMSplat = @{
        VM                       = Get-VM @GetVMSplat
        DeletePermanently        = $True
        Confirm                  = $False
        ErrorAction              = 'SilentlyContinue'
    }
    Remove-VM @RemoveVMSplat
 }
 Disconnect-VIServer * -Confirm:$False
 $RemoveItemSplat = @{
    Path    = "/scratch/*"
    Recurse = $True
    Force   = $True
    Confirm = $False
 }
 Remove-Item @RemoveItemSplat
--- a/scripts/Set-NetworkProfile.ps1
+++ b/scripts/Set-NetworkProfile.ps1
@@ -1,23 +0,0 @@
 # You cannot enable Windows PowerShell Remoting on network connections that are set to Public
 # Spin through all the network locations and if they are set to Public, set them to Private
 # using the INetwork interface:
 # http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx
 # For more info, see:
 # http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx
 # Network location feature was only introduced in Windows Vista - no need to bother with this
 # if the operating system is older than Vista
 if([environment]::OSVersion.version.Major -lt 6) { return }
 # You cannot change the network location if you are joined to a domain, so abort
 if(1,3,4,5 -contains (Get-WmiObject win32_computersystem).DomainRole) { return }
 # Get network connections
 $networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
 $connections = $networkListManager.GetNetworkConnections()
 $connections |foreach {
 	Write-Host $_.GetNetwork().GetName()"category was previously set to"$_.GetNetwork().GetCategory()
 	$_.GetNetwork().SetCategory(1)
 	Write-Host $_.GetNetwork().GetName()"changed to category"$_.GetNetwork().GetCategory()
 }
--- a/scripts/Update-Manifest.ps1
+++ b/scripts/Update-Manifest.ps1
@@ -1,55 +0,0 @@
 #Requires -Modules 'powershell-yaml'
 [CmdletBinding()]
 Param(
    [Parameter(Mandatory)]
    [ValidateScript({
            If (Test-Path($_)) {
                $True
            } Else {
                Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting."
            }
        })]
    [string]$ManifestFileName
 )
 $GetItemSplat = @{
    Path = $ManifestFileName
 }
 $ManifestFile = Get-Item @GetItemSplat
 $SetLocationSplat = @{
    Path     = $ManifestFile.DirectoryName
 }
 Set-Location @SetLocationSplat
 $GetContentSplat = @{
    Path = $ManifestFile.FullName
 }
 $Manifest = Get-Content @GetContentSplat
 $UpdatedManifest = ForEach ($Line in $Manifest) {
    Write-Host "Processing '$($Line)' ..."
    If ($Line -match '^SHA256\((.+)\)= ([0-9a-fA-F]{64})$') {
        If (Test-Path $Matches[1]) {
            $GetFileHashSplat = @{
                Path      = $Matches[1]
                Algorithm = 'SHA256'
            }
            Write-Host "Updating checksum..."
            "SHA256($($Matches[1]))= $((Get-FileHash @GetFileHashSplat).Hash)"
        }
    }
 }
 If ($UpdatedManifest -ne $Null) {
    $SetContentSplat = @{
        Path        = $ManifestFile.FullName
        Value       = $UpdatedManifest
        Force       = $True
        Confirm     = $False
    }
    Set-Content @SetContentSplat    
 } Else {
    Write-Host "Failed updating manifest."
    Exit 1
 }
--- a/scripts/Update-OvfConfiguration.ps1
+++ b/scripts/Update-OvfConfiguration.ps1
@@ -1,253 +0,0 @@
 #Requires -Modules 'powershell-yaml'
 [CmdletBinding()]
 Param(
    [Parameter(Mandatory)]
    [ValidateScript({
            If (Test-Path($_)) {
                $True
            } Else {
                Throw "'$_' is not a valid filename (within working directory '$PWD'), or access denied; aborting."
            }
        })]
    [string]$OVFFile,
    [hashtable]$Parameter
 )
 $GetContentSplat = @{
    Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".yml")
    Raw  = $True
 }
 $RawContent = Get-Content @GetContentSplat
 $ConvertFromYamlSplat = @{
    Yaml         = $RawContent
    AllDocuments = $True
 }
 $YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat
 # Check if the respective .yml file declared substitutions which need to be parsed
 If (($YamlDocuments.Count -gt 1) -and $YamlDocuments[-1].Variables) {
    ForEach ($Pattern in $YamlDocuments[-1].Variables) {
        $RawContent = $RawContent -replace "\{\{ ($($Pattern.Name)) \}\}", [string](Invoke-Expression -Command $Pattern.Expression)
    }
    # Perform conversion to Yaml again, now with parsed file contents
    $ConvertFromYamlSplat = @{
        Yaml         = $RawContent
        AllDocuments = $True
    }
    $YamlDocuments = ConvertFrom-Yaml @ConvertFromYamlSplat
    $OVFConfig = $YamlDocuments[0..($YamlDocuments.Count - 2)]
 }
 Else {
    $OVFConfig = $YamlDocuments
 }
 $SourceFile = Get-Item -Path $OVFFile
 $GetContentSplat = @{
    Path = $SourceFile.FullName
 }
 $XML = [xml](Get-Content @GetContentSplat)
 $NS = [System.Xml.XmlNamespaceManager]$XML.NameTable
 [void]$NS.AddNamespace('Any', $XML.DocumentElement.xmlns)
 If ($OVFConfig.DeploymentConfigurations.Count -gt 0) {
    $XMLSection = $XML.CreateElement('DeploymentOptionSection', $XML.DocumentElement.xmlns)
    $XMLSectionInfo = $XML.CreateElement('Info', $XML.DocumentElement.xmlns)
    $XMLSectionInfo.InnerText = 'Deployment Type'
    [void]$XMLSection.AppendChild($XMLSectionInfo)
    ForEach ($Configuration in $OVFConfig.DeploymentConfigurations) {
        $XMLConfig = $XML.CreateElement('Configuration', $XML.DocumentElement.xmlns)
        $XMLConfigAttrId = $XML.CreateAttribute('id', $XML.DocumentElement.ovf)
        $XMLConfigAttrId.Value = $Configuration.Id
        $XMLConfigLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
        $XMLConfigLabel.InnerText = $Configuration.Label
        $XMLConfigDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns)
        $XMLConfigDescription.InnerText = $Configuration.Description
        [void]$XMLConfig.Attributes.Append($XMLConfigAttrId)
        [void]$XMLConfig.AppendChild($XMLConfigLabel)
        [void]$XMLConfig.AppendChild($XMLConfigDescription)
        [void]$XMLSection.AppendChild($XMLConfig)
    }
    [void]$XML.SelectSingleNode('//Any:Envelope', $NS).InsertAfter($XMLSection, $XML.SelectSingleNode('//Any:NetworkSection', $NS))
    Write-Host "Inserted 'DeploymentOptionSection' with $($Configuration.Count) nodes"
 }
 $XMLAttrTransport = $XML.CreateAttribute('transport', $XML.DocumentElement.ovf)
 $XMLAttrTransport.Value = 'com.vmware.guestInfo'
 [void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).Attributes.Append($XMLAttrTransport)
 ForEach ($ExtraConfig in $OVFConfig.AdvancedOptions) {
    $XMLExtraConfig = $XML.CreateElement('vmw:ExtraConfig', $XML.DocumentElement.vmw)
    $XMLExtraConfigAttrRequired = $XML.CreateAttribute('required', $XML.DocumentElement.ovf)
    $XMLExtraConfigAttrRequired.Value = "$([boolean]$ExtraConfig.Required)".ToLower()
    $XMLExtraConfigAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.vmw)
    $XMLExtraConfigAttrKey.Value = $ExtraConfig.Key
    $XMLExtraConfigAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.vmw)
    $XMLExtraConfigAttrValue.Value = $ExtraConfig.Value
    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrRequired)
    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrKey)
    [void]$XMLExtraConfig.Attributes.Append($XMLExtraConfigAttrValue)
    [void]$XML.SelectSingleNode('//Any:VirtualHardwareSection', $NS).AppendChild($XMLExtraConfig)
 }
 Write-Host "Added $($OVFConfig.AdvancedOptions.Count) 'vmw:ExtraConfig' nodes"
 $XMLProductSection = $XML.SelectSingleNode('//Any:ProductSection', $NS)
 If ($XMLProductSection -eq $Null) {
    $XMLProductSection = $XML.CreateElement('ProductSection', $XML.DocumentElement.xmlns)
    [void]$XML.SelectSingleNode('//Any:VirtualSystem', $NS).AppendChild($XMLProductSection)
    Write-Host "Inserted 'ProductSection'"
 } Else {
    ForEach ($Child in $XMLProductSection.SelectNodes('//Any:ProductSection/child::*', $NS)) {
        [void]$Child.ParentNode.RemoveChild($Child)
    }
    Write-Host "Destroyed pre-existing children in 'ProductSection'"
 }
 $XMLProductSectionInfo = $XML.CreateElement('Info', $XML.DocumentElement.xmlns)
 $XMLProductSectionInfo.InnerText = 'Information about the installed software'
 [void]$XMLProductSection.AppendChild($XMLProductSectionInfo)
 Write-Host "Inserted new 'Info' into 'ProductSection'"
 ForEach ($Category in $OVFConfig.PropertyCategories) {
    If ($Category.Name -ne '') {
        $XMLCategory = $XML.CreateElement('Category', $XML.DocumentElement.xmlns)
        $XMLCategory.InnerText = $Category.Name
        [void]$XMLProductSection.AppendChild($XMLCategory)
        Write-Host "Inserted new 'Category' into 'ProductSection'"
    }
    ForEach ($Property in $Category.ProductProperties) {
        $XMLProperty = $XML.CreateElement('Property', $XML.DocumentElement.xmlns)
        $XMLPropertyAttrKey = $XML.CreateAttribute('key', $XML.DocumentElement.ovf)
        $XMLPropertyAttrKey.Value = $Property.Key
        $XMLPropertyAttrType = $XML.CreateAttribute('type', $XML.DocumentElement.ovf)
        Switch -regex ($Property.Type) {
            '^boolean' {
                $XMLPropertyAttrType.Value = 'boolean'
            }
            '^int' {
                $XMLPropertyAttrType.Value = 'uint8'
                $Qualifiers = @()
                If ($Property.Type -match '^int\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
                        $Qualifiers += "MinValue($($Matches[1]))"
                    }
                    If ($Matches[2]) {
                        $Qualifiers += "MaxValue($($Matches[2]))"
                    }
                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
            '^ip' {
                $XMLPropertyAttrType.Value = 'string'
                $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.vmw)
                $XMLPropertyAttrQualifiers.Value = 'Ip'
                [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
            }
            '^password' {
                $XMLPropertyAttrType.Value = 'string'
                $XMLPropertyAttrPassword = $XML.CreateAttribute('password', $XML.DocumentElement.ovf)
                $XMLPropertyAttrPassword.Value = 'true'
                [void]$XMLProperty.Attributes.Append($XMLPropertyAttrPassword)
                $Qualifiers = @()
                If ($Property.Type -match '^password\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
                        $Qualifiers += "MinLen($($Matches[1]))"
                    }
                    If ($Matches[2]) {
                        $Qualifiers += "MaxLen($($Matches[2]))"
                    }
                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
            '^string' {
                $XMLPropertyAttrType.Value = 'string'
                $Qualifiers = @()
                If ($Property.Type -match '^string\((\d*)\.\.(\d*)\)') {
                    If ($Matches[1]) {
                        $Qualifiers += "MinLen($($Matches[1]))"
                    }
                    If ($Matches[2]) {
                        $Qualifiers += "MaxLen($($Matches[2]))"
                    }
                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = $Qualifiers -join ' '
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                } ElseIf ($Property.Type -match '^string\[(.*)\]') {
                    $XMLPropertyAttrQualifiers = $XML.CreateAttribute('qualifiers', $XML.DocumentElement.ovf)
                    $XMLPropertyAttrQualifiers.Value = "ValueMap{$($Matches[1] -replace '","', '", "')}"
                    [void]$XMLProperty.Attributes.Append($XMLPropertyAttrQualifiers)
                }
            }
        }
        $XMLPropertyAttrUserConfigurable = $XML.CreateAttribute('userConfigurable', $XML.DocumentElement.ovf)
        $XMLPropertyAttrUserConfigurable.Value = "$([boolean]$Property.UserConfigurable)".ToLower()
        $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
        If ($Property.Type -eq 'boolean') {
            $XMLPropertyAttrValue.Value = "$([boolean]$Property.DefaultValue)".ToLower()
        } Else {
            $XMLPropertyAttrValue.Value = $Property.DefaultValue
        }
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrKey)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrType)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrUserConfigurable)
        [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)
        If ($Property.Label) {
            $XMLPropertyLabel = $XML.CreateElement('Label', $XML.DocumentElement.xmlns)
            $XMLPropertyLabel.InnerText = $Property.Label
            [void]$XMLProperty.AppendChild($XMLPropertyLabel)
        }
        If ($Property.Description) {
            $XMLPropertyDescription = $XML.CreateElement('Description', $XML.DocumentElement.xmlns)
            $XMLPropertyDescription.InnerText = $Property.Description
            [void]$XMLProperty.AppendChild($XMLPropertyDescription)
        }
        If (($Property.Configurations.Count -eq 1) -and ($Property.Configurations -eq '*')) {
            $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
            $XMLPropertyAttrConfiguration.Value = $OVFConfig.DeploymentConfigurations.Id -join ' '
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)       
        } ElseIf ($Property.Configurations.Count -gt 0) {
            $XMLPropertyAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
            $XMLPropertyAttrConfiguration.Value = $Property.Configurations -join ' '
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrConfiguration)       
        }
        If ($Property.Value.Count -eq 1) {
            $XMLPropertyAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
            $XMLPropertyAttrValue.Value = $Property.Value
            [void]$XMLProperty.Attributes.Append($XMLPropertyAttrValue)       
        } ElseIf ($Property.Value.Count -gt 1) {
            ForEach ($Value in $Property.Value) {
                $XMLValue = $XML.CreateElement('Value', $XML.DocumentElement.xmlns)
                $XMLValueAttrValue = $XML.CreateAttribute('value', $XML.DocumentElement.ovf)
                $XMLValueAttrValue.Value = $Value
                $XMLValueAttrConfiguration = $XML.CreateAttribute('configuration', $XML.DocumentElement.ovf)
                $XMLValueAttrConfiguration.Value = $Value
                [void]$XMLValue.Attributes.Append($XMLValueAttrValue)
                [void]$XMLValue.Attributes.Append($XMLValueAttrConfiguration)
                [void]$XMLProperty.AppendChild($XMLValue)
            }
        }
        [void]$XMLProductSection.AppendChild($XMLProperty)
    }
    Write-Host "Inserted $($Category.ProductProperties.Count) new node(s) into 'ProductSection'"
 }
 $XML.Save($SourceFile.FullName)
--- a/scripts/Update-OvfConfiguration.yml
+++ b/scripts/Update-OvfConfiguration.yml
@@ -1,113 +0,0 @@
 DeploymentConfigurations:
 - Id: domainmember
  Label: Domain member
  Description: Windows 10 client joined to an Active Directory domain
 - Id: standalone
  Label: Stand-alone
  Description: Stand-alone Windows 10 client
 PropertyCategories:
 - Name: 0) Deployment information
  ProductProperties:
  - Key: deployment.type
    Type: string
    Value:
    - domainmember
    - standalone
    UserConfigurable: false
 - Name: 1) Operating System
  ProductProperties:
  - Key: guestinfo.hostname
    Type: string(1..15)
    Label: Hostname*
    Description: '(max length: 15 characters)'
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
  - Key: guestinfo.administratorpw
    Type: password(7..)
    Label: Local administrator password*
    Description: Must meet password complexity rules
    DefaultValue: password
    Configurations:
    - standalone
    UserConfigurable: true
  - Key: guestinfo.ntpserver
    Type: string(1..)
    Label: Time server*
    Description: A comma-separated list of timeservers
    DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
    Configurations:
    - standalone
    UserConfigurable: true
 - Name: 2) Networking
  ProductProperties:
  - Key: guestinfo.ipaddress
    Type: ip
    Label: IP Address*
    Description: ''
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
  - Key: guestinfo.prefixlength
    Type: int(8..32)
    Label: Subnet prefix length*
    Description: ''
    DefaultValue: '24'
    Configurations: '*'
    UserConfigurable: true
  - Key: guestinfo.dnsserver
    Type: ip
    Label: DNS server*
    Description: ''
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
  - Key: guestinfo.gateway
    Type: ip
    Label: Gateway*
    Description: ''
    DefaultValue: ''
    Configurations: '*'
    UserConfigurable: true
 - Name: 3) Active Directory membership
  ProductProperties:
  - Key: addsconfig.domainname
    Type: string(1..)
    Label: Domain name*
    Description: Must be able to be resolved through provided DNS server
    DefaultValue: example.org
    Configurations:
    - domainmember
    UserConfigurable: true
  - Key: addsconfig.username
    Type: string(1..)
    Label: Domain account username*
    Description: ''
    DefaultValue: username
    Configurations:
    - domainmember
    UserConfigurable: true
  - Key: addsconfig.password
    Type: password(1..)
    Label: Domain account password*
    Description: ''
    DefaultValue: password
    Configurations:
    - domainmember
    UserConfigurable: true
 AdvancedOptions:
 - Key: appliance.name
  Value: "{{ appliance.name }}"
  Required: false
 - Key: appliance.version
  Value: "{{ appliance.version }}"
  Required: false
 ---
 Variables:
 - Name: appliance.name
  Expression: |
    $Parameter['appliance.name']
 - Name: appliance.version
  Expression: |
    $Parameter['appliance.version']
--- a/scripts/Windows10/Register-ScheduledTask.ps1
+++ b/scripts/Windows10/Register-ScheduledTask.ps1
@@ -1,7 +0,0 @@
 [CmdletBinding()]
 Param(
    # No parameters
 )
 # Create scheduled task
 & schtasks.exe /Create /TN 'FirstBoot' /SC ONSTART /RU SYSTEM /TR "powershell.exe -file C:\Payload\Apply-FirstBootConfig.ps1"
--- a/scripts/Windows10/payload/Apply-FirstBootConfig.ps1
+++ b/scripts/Windows10/payload/Apply-FirstBootConfig.ps1
@@ -1,244 +0,0 @@
 [CmdletBinding()]
 Param(
    # No parameters
 )
 $SetLocationSplat = @{
    Path = $PSScriptRoot
 }
 Set-Location @SetLocationSplat
 $NewEventLogSplat = @{
    LogName     = 'Application'
    Source      = 'FirstBoot'
    ErrorAction = 'SilentlyContinue'
 }
 New-EventLog @NewEventLogSplat
 $WriteEventLogSplat = @{
    LogName   = 'Application'
    Source    = 'FirstBoot'
    EntryType = 'Information'
    EventID   = 1
    Message   = "FirstBoot sequence initiated [working directory: '$PWD']"
 }
 Write-EventLog @WriteEventLogSplat
 $VMwareToolsExecutable = "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe"
 [xml]$ovfEnv = & $VMwareToolsExecutable --cmd "info-get guestinfo.ovfEnv" | Out-String
 $ovfProperties = $ovfEnv.ChildNodes.NextSibling.PropertySection.Property
 $ovfPropertyValues = @{}
 foreach ($ovfProperty in $ovfProperties) {
    $ovfPropertyValues[$ovfProperty.key] = $ovfProperty.Value
 }
 # Check for mandatory values
 Switch ($ovfPropertyValues['deployment.type']) {
    'domainmember' {
        $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'addsconfig.domainname', 'addsconfig.username', 'addsconfig.password'), @()
    }
    'standalone' {
        $MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.gateway', 'guestinfo.administratorpw', 'guestinfo.ntpserver'), @()        
    }
    default {
        # Mandatory values missing, cannot provision.
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = "Unexpected or no value set for property 'deployment.type', cannot provision."
        }
        Write-EventLog @WriteEventLogSplat
        & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
        Stop-Computer -Force
        Exit
    }
 }
 ForEach ($Property in $MandatoryProperties) {
    If (!$ovfPropertyValues[$Property]) {
        $MissingProperties += $Property
    }
 }
 If ($MissingProperties.Length -gt 0) {
        # Mandatory values missing, cannot provision.
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = "Missing values for mandatory properties $(($MissingProperties | ForEach-Object {"'{0}'" -f $_}) -join ', '), cannot provision."
        }
        Write-EventLog @WriteEventLogSplat
        & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
        Stop-Computer -Force
        Exit
 }
 # Set hostname and description
 If ($Env:ComputerName -ne $ovfPropertyValues['guestinfo.hostname']) {
    $RenameComputerSplat = @{
        NewName     = $ovfPropertyValues['guestinfo.hostname']
        Force       = $True
        Confirm     = $False
    }
    Rename-Computer @RenameComputerSplat
    $SetCimInstanceSplat = @{
        InputObject = (Get-CimInstance -ClassName 'Win32_OperatingSystem')
        Property    = @{
            Description = $ovfPropertyValues['guestinfo.hostname']
        }
    }
    Set-CimInstance  @SetCimInstanceSplat
    # Restart the computer to apply changes
    Restart-Computer -Force
    Exit
 }
 # Configure network interface
 If ((Get-WmiObject -Class 'Win32_NetworkAdapterConfiguration').IPAddress -NotContains $ovfPropertyValues['guestinfo.ipaddress']) {
    $NewNetIPAddressSplat = @{
        InterfaceAlias = (Get-NetAdapter).Name
        AddressFamily  = 'IPv4'
        IPAddress      = $ovfPropertyValues['guestinfo.ipaddress']
        PrefixLength   = $ovfPropertyValues['guestinfo.prefixlength']
        DefaultGateway = $ovfPropertyValues['guestinfo.gateway']
    }
    $IPAddress = New-NetIPAddress @NewNetIPAddressSplat
    # Wait for network connection to become available
    $Timestamp, $TimeoutMinutes = (Get-Date), 5
    Do {
        If ($Timestamp.AddMinutes($TimeoutMinutes) -lt (Get-Date)) {
            $WriteEventLogSplat = @{
                LogName   = 'Application'
                Source    = 'FirstBoot'
                EntryType = 'Warning'
                EventID   = 13
                Message   = "Timeout after $($TimeoutMinutes) minutes waiting for network connection to become available."
            }
            Write-EventLog @WriteEventLogSplat
            Break
        }
        Start-Sleep -Milliseconds 250
        $GetNetIPAddressSplat = @{
            IPAddress      = $ovfPropertyValues['guestinfo.ipaddress']
            InterfaceIndex = $IPAddress.InterfaceIndex
            AddressFamily  = 'IPv4'
            ErrorAction    = 'SilentlyContinue'
        }
    } Until ((Get-NetIPAddress @GetNetIPAddressSplat).AddressState -eq 'Preferred')
    $OldErrorActionPreference, $ErrorActionPreference = $ErrorActionPreference, 'SilentlyContinue'
    $TestNetConnectionSplat = @{
        ComputerName     = ([IPAddress]$ovfPropertyValues['guestinfo.dnsserver']).IPAddressToString
        InformationLevel = 'Quiet'
    }
    $SetDnsClientServerAddressSplat = @{
        InterfaceAlias  = (Get-NetAdapter).Name
        ServerAddresses = If (
            [boolean]($ovfPropertyValues['guestinfo.dnsserver'] -as [IPaddress]) -and (Test-NetConnection @TestNetConnectionSplat)) {
                ($ovfPropertyValues['guestinfo.dnsserver'])
            } else {
                ('127.0.0.1')
            }
        Validate        = $False
    }
    Set-DnsClientServerAddress @SetDnsClientServerAddressSplat
    $ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL
 }
 Switch ($ovfPropertyValues['deployment.type']) {
    'domainmember' {
        # Join Active Directory domain as member
        If (!(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) {
            $AddComputerSplat = @{
                DomainName = $ovfPropertyValues['addsconfig.domainname']
                Credential = New-Object System.Management.Automation.PSCredential(
                    $ovfPropertyValues['addsconfig.username'],
                    (ConvertTo-SecureString $ovfPropertyValues['addsconfig.password'] -AsPlainText -Force)
                )
                # OUPath     = $ovfPropertyValues['addsconfig.organizationalunit']
                Restart    = $True
                Force      = $True
                Confirm    = $False
            }
            Add-Computer @AddComputerSplat
            # Previous cmdlet performs a reboot on completion; so these are commented out
            # Restart-Computer -Force
            # Exit
        }
    }
    'standalone' {
        # Change password of built-in Administrator
        $BuiltinAdministrator = (Get-LocalUser | Where-Object {$_.SID -match '-500'})
        $ConvertToSecureStringSplat = @{
            String      = $ovfPropertyValues['guestinfo.administratorpw']
            AsPlainText = $True
            Force       = $True
        }
        $SetLocalUserSplat = @{
            InputObject           = $BuiltinAdministrator
            Password              = ConvertTo-SecureString @ConvertToSecureStringSplat
            PasswordNeverExpires  = $True
            AccountNeverExpires   = $True
            ### This setting is not allowed on the last administrator
            # UserMayChangePassword = $False
            Confirm               = $False
        }
        Set-LocalUser @SetLocalUserSplat
        $EnableLocalUserSplat = @{
            InputObject = $BuiltinAdministrator
            Confirm     = $False
        }
        Enable-LocalUser @EnableLocalUserSplat
    }
 }
 # Iterate through and invoke all payload scripts
 #! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots)
 $GetItemSplat = @{
    Path = "$($PSScriptRoot)\Scripts\*.ps1"
 }
 ForEach ($Script in (Get-Item @GetItemSplat)) {
    Try {
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Information'
            EventID   = 4
            Message   = "Running script: '$($Script.FullName)'"
        }
        Write-EventLog @WriteEventLogSplat
        & $Script.FullName -Parameter $ovfPropertyValues
    }
    Catch {
        $WriteEventLogSplat = @{
            LogName   = 'Application'
            Source    = 'FirstBoot'
            EntryType = 'Error'
            EventID   = 66
            Message   = @"
 Error occurred while executing script '$($Script.Name)':
 $($_.Exception.Message)
 "@
        }
        Write-EventLog @WriteEventLogSplat
    }
 }
 $WriteEventLogSplat = @{
    LogName   = 'Application'
    Source    = 'FirstBoot'
    EntryType = 'Information'
    EventID   = 42
    Message   = 'FirstBoot sequence applied and finished'
 }
 Write-EventLog @WriteEventLogSplat
 & schtasks.exe /Change /TN 'FirstBoot' /DISABLE
		`@@ -1,2 +0,0 @@`
			`@rem Silent mode, basic UI, no reboot`
			`e:\setup64 /s /v "/qb REBOOT=R"`