docs: Readme (#56)

Dockerfile

@@ -7,10 +7,8 @@ ARG DEBCONF_NONINTERACTIVE_SEEN "true"
 RUN apt-get update \
     && apt-get --no-install-recommends -y install \
         curl \
-        novnc \
-        swtpm \
+        7zip \
         wimtools \
-        p7zip-full \
         genisoimage \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@@ -23,7 +21,7 @@ ADD https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/latest-virt
 
 RUN chmod +x /run/*.sh
 
-EXPOSE 3389 8006
+EXPOSE 8006 3389
 VOLUME /storage
 
 ENV RAM_SIZE "4G"

assets/win10x64.xml

@@ -1,6 +1,5 @@
 <?xml version="1.0"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
-  <settings pass="offlineServicing"/>
   <settings pass="windowsPE">
     <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <SetupUILanguage>
@@ -126,6 +125,11 @@
       </DriverPaths>
     </component>
   </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
   <settings pass="generalize"/>
   <settings pass="specialize">
     <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -265,15 +269,21 @@
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
           <RequiresUserInput>false</RequiresUserInput>
           <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
           <Description>Password Never Expires</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
-          <Order>3</Order>
+          <Order>4</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

assets/win11x64.xml

@@ -1,6 +1,5 @@
 <?xml version="1.0"?>
 <unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
-  <settings pass="offlineServicing"/>
   <settings pass="windowsPE">
     <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <SetupUILanguage>
@@ -90,6 +89,24 @@
         <AcceptEula>true</AcceptEula>
       </UserData>
       <EnableFirewall>false</EnableFirewall>
+      <RunSynchronous>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>1</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>2</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+        <RunSynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <Path>reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f</Path>
+        </RunSynchronousCommand>
+      </RunSynchronous>
     </component>
     <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <DriverPaths>
@@ -126,6 +143,11 @@
       </DriverPaths>
     </component>
   </settings>
+  <settings pass="offlineServicing">
+    <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+      <EnableLUA>false</EnableLUA>
+    </component>
+  </settings>
   <settings pass="generalize"/>
   <settings pass="specialize">
     <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -260,20 +282,35 @@
         <ProtectYourPC>3</ProtectYourPC>
         <HideEULAPage>true</HideEULAPage>
         <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+        <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
       </OOBE>
       <FirstLogonCommands>
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV1 /d 0 /t REG_DWORD /f</CommandLine>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>4</Order>
+          <CommandLine>reg.exe add "HKCU\Control Panel\UnsupportedHardwareNotificationCache" /v SV2 /d 0 /t REG_DWORD /f</CommandLine>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>5</Order>
           <RequiresUserInput>false</RequiresUserInput>
           <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
           <Description>Password Never Expires</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
-          <Order>3</Order>
+          <Order>6</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

assets/win2016-eval.xml

@@ -101,34 +101,34 @@
     <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <DriverPaths>
         <PathAndCredentials wcm:action="add" wcm:keyValue="1">
-            <Path>D:\viostor\2k16\amd64</Path>
+          <Path>D:\viostor\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="2">
-            <Path>D:\NetKVM\2k16\amd64</Path>
+          <Path>D:\NetKVM\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="3">
-            <Path>D:\Balloon\2k16\amd64</Path>
+          <Path>D:\Balloon\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="4">
-            <Path>D:\pvpanic\2k16\amd64</Path>
+          <Path>D:\pvpanic\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="5">
-            <Path>D:\qemupciserial\2k16\amd64</Path>
+          <Path>D:\qemupciserial\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="6">
-            <Path>D:\qxldod\2k16\amd64</Path>
+          <Path>D:\qxldod\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="7">
-            <Path>D:\vioinput\2k16\amd64</Path>
+          <Path>D:\vioinput\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="8">
-            <Path>D:\viorng\2k16\amd64</Path>
+          <Path>D:\viorng\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="9">
-            <Path>D:\vioscsi\2k16\amd64</Path>
+          <Path>D:\vioscsi\2k16\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="10">
-            <Path>D:\vioserial\2k16\amd64</Path>
+          <Path>D:\vioserial\2k16\amd64</Path>
         </PathAndCredentials>
       </DriverPaths>
     </component>
@@ -162,7 +162,7 @@
     </component>
     <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
-    </component>    
+    </component>
     <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <fDenyTSConnections>false</fDenyTSConnections>
     </component>
@@ -177,7 +177,7 @@
           <Profile>all</Profile>
         </FirewallGroup>
       </FirewallGroups>
-    </component>    
+    </component>
   </settings>
   <settings pass="oobeSystem">
     <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -221,15 +221,21 @@
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
           <RequiresUserInput>false</RequiresUserInput>
           <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
           <Description>Password Never Expires</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
-          <Order>3</Order>
+          <Order>4</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

assets/win2019-eval.xml

@@ -101,34 +101,34 @@
     <component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <DriverPaths>
         <PathAndCredentials wcm:action="add" wcm:keyValue="1">
-            <Path>D:\viostor\2k19\amd64</Path>
+          <Path>D:\viostor\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="2">
-            <Path>D:\NetKVM\2k19\amd64</Path>
+          <Path>D:\NetKVM\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="3">
-            <Path>D:\Balloon\2k19\amd64</Path>
+          <Path>D:\Balloon\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="4">
-            <Path>D:\pvpanic\2k19\amd64</Path>
+          <Path>D:\pvpanic\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="5">
-            <Path>D:\qemupciserial\2k19\amd64</Path>
+          <Path>D:\qemupciserial\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="6">
-            <Path>D:\qxldod\2k19\amd64</Path>
+          <Path>D:\qxldod\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="7">
-            <Path>D:\vioinput\2k19\amd64</Path>
+          <Path>D:\vioinput\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="8">
-            <Path>D:\viorng\2k19\amd64</Path>
+          <Path>D:\viorng\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="9">
-            <Path>D:\vioscsi\2k19\amd64</Path>
+          <Path>D:\vioscsi\2k19\amd64</Path>
         </PathAndCredentials>
         <PathAndCredentials wcm:action="add" wcm:keyValue="10">
-            <Path>D:\vioserial\2k19\amd64</Path>
+          <Path>D:\vioserial\2k19\amd64</Path>
         </PathAndCredentials>
       </DriverPaths>
     </component>
@@ -162,7 +162,7 @@
     </component>
     <component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
-    </component>    
+    </component>
     <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
       <fDenyTSConnections>false</fDenyTSConnections>
     </component>
@@ -177,7 +177,7 @@
           <Profile>all</Profile>
         </FirewallGroup>
       </FirewallGroups>
-    </component>    
+    </component>
   </settings>
   <settings pass="oobeSystem">
     <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
@@ -221,15 +221,21 @@
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
           <RequiresUserInput>false</RequiresUserInput>
           <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
           <Description>Password Never Expires</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
-          <Order>3</Order>
+          <Order>4</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

assets/win2022-eval.xml

@@ -221,15 +221,21 @@
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
           <RequiresUserInput>false</RequiresUserInput>
           <CommandLine>cmd /C wmic useraccount where name="Docker" set PasswordExpires=false</CommandLine>
           <Description>Password Never Expires</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
-          <Order>3</Order>
+          <Order>4</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

assets/win81x64.xml

@@ -194,9 +194,15 @@
         <SynchronousCommand wcm:action="add">
           <Order>1</Order>
           <CommandLine>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Set AutoLogonCount to 0</Description>
         </SynchronousCommand>
         <SynchronousCommand wcm:action="add">
           <Order>2</Order>
+          <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v LimitBlankPasswordUse /t REG_DWORD /d 0 /f</CommandLine>
+          <Description>Allow RDP login with blank password</Description>
+        </SynchronousCommand>
+        <SynchronousCommand wcm:action="add">
+          <Order>3</Order>
           <CommandLine>msiexec /i E:\virtio-win-gt-x64.msi /qb!</CommandLine>
           <Description>Install VirtIO drivers</Description>
         </SynchronousCommand>

readme.md

@@ -1,4 +1,4 @@
-<h1 align="center">Windows in Docker<br />
+<h1 align="center">Windows<br />
 <div align="center">
 <img src="https://github.com/dockur/windows/raw/master/.github/logo.png" title="Logo" style="max-width:100%;" width="128" />
 </div>
@@ -73,13 +73,13 @@ docker run -it --rm -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN dockurr/w
     
     Select from the values below:
     
-    - ```win11``` (Windows 11)
-    - ```win10``` (Windows 10)
-    - ```win81``` (Windows 8.1)
-    - ```win22``` (Windows Server 2022)
-    - ```win19``` (Windows Server 2019)
-    - ```win16``` (Windows Server 2016)
-
+    - ```win11``` = Windows 11
+    - ```win10``` = Windows 10
+    - ```win81``` = Windows 8.1
+    - ```win22``` = Windows Server 2022
+    - ```win19``` = Windows Server 2019
+    - ```win16``` = Windows Server 2016
+ 
   * ### How do I increase the amount of CPU or RAM?
 
     By default, 2 CPU cores and 4 GB of RAM are allocated to the container, as those are the minimum requirements of Windows 11.
@@ -114,23 +114,6 @@ docker run -it --rm -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN dockurr/w
 
     Replace the example path `/var/win` with the desired storage folder.
 
-  * ### How do I verify if my system supports KVM?
-
-    To verify if your system supports KVM, run the following commands:
-
-    ```bash
-    sudo apt install cpu-checker
-    sudo kvm-ok
-    ```
-
-    If you receive an error from `kvm-ok` indicating that KVM acceleration can't be used, check the virtualization settings in the BIOS.
-
-  * ### How do I view the screen?
-
-    The container includes a web-based viewer, so you can visit [http://localhost:8006/](http://localhost:8006/) using any web browser to view the screen and interact with Windows via the keyboard and mouse.
-
-    This is mainly for use during installation, as afterwards you can use Remote Desktop, TeamViewer or any other software you prefer.
-
   * ### How do I perform a manual installation?
 
     If you prefer to perform the installation manually in order to customize some options, such as selecting another edition, add the following environment variable:
@@ -160,14 +143,40 @@ docker run -it --rm -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN dockurr/w
 
   * ### How do I install an unsupported version?
 
-    You can specify an URL in the `VERSION` environment variable, in order to download a custom ISO file:
+    You can specify an URL in the `VERSION` environment variable, in order to download a custom ISO image:
     
     ```yaml
     environment:
       VERSION: "https://example.com/win.iso"
     ```
     
-    During the installation you will need to add some drivers as described in [manual installation](https://github.com/dockur/windows/tree/master?tab=readme-ov-file#how-do-i-perform-a-manual-installation) above.
+    During the installation you may need to add some drivers as described in [manual installation](https://github.com/dockur/windows/tree/master?tab=readme-ov-file#how-do-i-perform-a-manual-installation) above.
+
+  * ### How do I pass-through a disk?
+
+    It is possible to pass-through disk devices directly by adding them to your compose file in this way:
+
+    ```yaml
+    environment:
+      DEVICE: "/dev/sda"
+      DEVICE2: "/dev/sdb"
+    devices:
+      - /dev/sda
+      - /dev/sdb
+    ```
+
+    Use ```DEVICE``` if you want it to become your main drive, and use ```DEVICE2``` and higher to add them as secondary drives.
+    
+  * ### How do I verify if my system supports KVM?
+
+    To verify if your system supports KVM, run the following commands:
+
+    ```bash
+    sudo apt install cpu-checker
+    sudo kvm-ok
+    ```
+
+    If you receive an error from `kvm-ok` indicating that KVM acceleration can't be used, check the virtualization settings in the BIOS.
 
   * ### Is this project legal?
 

src/entry.sh

@@ -3,8 +3,8 @@ set -Eeuo pipefail
 
 echo "❯ Starting Windows for Docker v$(</run/version)..."
 echo "❯ For support visit https://github.com/dockur/windows"
+echo
 
-export DISPLAY=web
 export BOOT_MODE=windows
 
 cd /run
@@ -20,14 +20,11 @@ cd /run
 
 trap - ERR
 
-ln -sfn /usr/share/novnc/vnc_lite.html /usr/share/novnc/index.html
-websockify -D --web /usr/share/novnc/ 8006 localhost:5900 2>/dev/null
+if [[ "${DISPLAY,,}" == "web" ]]; then
+  nginx -e stderr
+fi
 
-mkdir -p /dev/shm/emulated_tpm
-swtpm socket -t -d --tpmstate dir=/dev/shm/emulated_tpm --ctrl \
-  type=unixio,path=/dev/shm/emulated_tpm/swtpm-sock --log level=1 --tpm2
-
-info "Booting Windows using $VERS..."
+echo && info "Booting Windows using $VERS..."
 
 [[ "$DEBUG" == [Yy1]* ]] && set -x
 exec qemu-system-x86_64 ${ARGS:+ $ARGS}

src/install.sh

@@ -1,15 +1,10 @@
 #!/usr/bin/env bash
 set -Eeuo pipefail
 
-: "${MANUAL:="N"}"
-: "${EXTERNAL:="N"}"
+: "${MANUAL:=""}"
+: "${EXTERNAL:=""}"
 : "${VERSION:="win11x64"}"
 
-ARGUMENTS="-chardev socket,id=chrtpm,path=/dev/shm/emulated_tpm/swtpm-sock $ARGUMENTS"
-ARGUMENTS="-tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0 $ARGUMENTS"
-
-[[ "${VERSION,,}" == "http"* ]] && EXTERNAL="Y"
-
 [[ "${VERSION,,}" == "11" ]] && VERSION="win11x64"
 [[ "${VERSION,,}" == "win11" ]] && VERSION="win11x64"
 
@@ -37,18 +32,38 @@ ARGUMENTS="-tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0 $
 [[ "${VERSION,,}" == "win16" ]] && VERSION="win2016-eval"
 [[ "${VERSION,,}" == "win2016" ]] && VERSION="win2016-eval"
 
+if [[ "${VERSION,,}" == "tiny10" ]]; then
+  VERSION="https://archive.org/download/tiny-10-23-h2/tiny10%20x64%2023h2.iso"
+fi
+
+if [[ "${VERSION,,}" == "tiny11" ]]; then
+  VERSION="https://archive.org/download/tiny-11-core-x-64-beta-1/tiny11%20core%20x64%20beta%201.iso"
+fi
+
+if [[ "${VERSION,,}" == "http"* ]]; then
+  EXTERNAL="Y"
+else
+  EXTERNAL="N"
+fi
+
 MSG="Please wait while Windows is being started..."
 
-if [ ! -f "$STORAGE/custom.iso" ]; then
+BASE="custom.iso"
+if [ ! -f "$STORAGE/$BASE" ]; then
+
   if [[ "$EXTERNAL" != [Yy1]* ]]; then
 
-    if [ ! -f "$STORAGE/$VERSION.iso" ]; then
+    BASE="$VERSION.iso"
+    if [ ! -f "$STORAGE/$BASE" ]; then
       MSG="Please wait while Windows is being downloaded..."
     fi
 
   else
 
-    BASE=$(basename "$VERSION")
+    BASE=$(basename "${VERSION%%\?*}")
+    : "${BASE//+/ }"; printf -v BASE '%b' "${_//%/\\x}"
+    BASE=$(echo "$BASE" | sed -e 's/[^A-Za-z0-9._-]/_/g')
+
     if [ ! -f "$STORAGE/$BASE" ]; then
       MSG="Please wait while '$BASE' is being downloaded..."
     fi
@@ -59,23 +74,11 @@ fi
 # Display wait message
 /run/server.sh "Windows" "$MSG" &
 
-BASE="custom.iso"
-[ -f "$STORAGE/$BASE" ] && return 0
-
-if [[ "$EXTERNAL" != [Yy1]* ]]; then
-
-  BASE="$VERSION.iso"
-
-else
-
-  BASE=$(basename "$VERSION")
-
-fi
-
 [ -f "$STORAGE/$BASE" ] && return 0
 
 TMP="$STORAGE/tmp"
-rm -rf "$TMP" && mkdir -p "$TMP"
+rm -rf "$TMP"
+mkdir -p "$TMP"
 
 ISO="$TMP/$BASE"
 rm -f "$ISO"
@@ -105,48 +108,167 @@ else
 
   { wget "$VERSION" -O "$ISO" -q --no-check-certificate --show-progress "$PROGRESS"; rc=$?; } || :
 
-  (( rc != 0 )) && error "Failed to download $VERSION, reason: $rc" && exit 60
+  (( rc != 0 )) && echo && error "Failed to download $VERSION, reason: $rc" && exit 60
 
 fi
 
-[ ! -f "$ISO" ] && error "Failed to download $VERSION" && exit 61
+[ ! -f "$ISO" ] && echo && error "Failed to download $VERSION" && exit 61
 
 SIZE=$(stat -c%s "$ISO")
 
 if ((SIZE<10000000)); then
-  error "Invalid ISO file: Size is smaller than 10 MB" && exit 62
+  echo && error "Invalid ISO file: Size is smaller than 10 MB" && exit 62
 fi
 
-info "Preparing ISO image for installation..."
+echo && info "Extracting downloaded ISO image..."
 
 DIR="$TMP/unpack"
 rm -rf "$DIR"
 
-7z x "$ISO" -o"$DIR"
+7z x "$ISO" -o"$DIR" > /dev/null
+echo
+
+XML=""
+FB="falling back to manual installation!"
+
+if [ -z "$MANUAL" ]; then
+
+  MANUAL="N"
+
+  if [[ "$EXTERNAL" == [Yy1]* ]]; then
+    [[ "${BASE,,}" == "tiny10"* ]] && MANUAL="Y"
+  fi
+
+fi
 
 if [[ "$MANUAL" != [Yy1]* ]]; then
   if [[ "$EXTERNAL" != [Yy1]* ]]; then
-    if [ -f "/run/assets/$VERSION.xml" ]; then
 
-      wimlib-imagex update "$DIR/sources/boot.wim" 2 \
-        --command "add /run/assets/$VERSION.xml /autounattend.xml"
+    XML="$VERSION.xml"
 
+  else
+
+    info "Detecting Windows version from ISO image..."
+
+    LOC="$DIR/sources/install.wim"
+    [ ! -f "$LOC" ] && LOC="$DIR/sources/install.esd"
+
+    if [ -f "$LOC" ]; then
+
+      DETECTED=""
+      TAG="DISPLAYNAME"
+      RESULT=$(wimlib-imagex info -xml "$LOC" | tr -d '\000')
+      NAME=$(sed -n "/$TAG/{s/.*<$TAG>\(.*\)<\/$TAG>.*/\1/;p}" <<< "$RESULT")
+
+      if [ -z "$NAME" ]; then
+        TAG="PRODUCTNAME"
+        NAME=$(sed -n "/$TAG/{s/.*<$TAG>\(.*\)<\/$TAG>.*/\1/;p}" <<< "$RESULT")
+      fi
+
+      [[ "${NAME,,}" == "windows 11"* ]] && DETECTED="win11x64"
+      [[ "${NAME,,}" == "windows 10"* ]] && DETECTED="win10x64"
+      [[ "${NAME,,}" == "windows 8"* ]] && DETECTED="win81x64"
+      [[ "${NAME,,}" == *"server 2022"* ]] && DETECTED="win2022-eval"
+      [[ "${NAME,,}" == *"server 2019"* ]] && DETECTED="win2019-eval"
+      [[ "${NAME,,}" == *"server 2016"* ]] && DETECTED="win2016-eval"
+
+      if [ -n "$DETECTED" ]; then
+
+        XML="$DETECTED.xml"
+        echo "Detected image of type '$DETECTED', will apply autounattend.xml file."
+
+      else
+        if [ -z "$NAME" ]; then
+          error "Warning: failed to detect Windows version from image, $FB"
+        else
+          if [[ "${NAME,,}" == "windows 7" ]]; then
+            error "Warning: detected Windows 7 image, $FB"
+          else
+            error "Warning: failed to detect Windows version from string '$NAME', $FB"
+          fi
+        fi
+      fi
+    else
+      error "Warning: failed to locate 'install.wim' or 'install.esd' in ISO image, $FB"
     fi
+    echo
   fi
 fi
 
-LABEL="${BASE%.*}"
-LABEL="${LABEL::32}"
+ASSET="/run/assets/$XML"
 
-ISO="$TMP/$LABEL.tmp"
-rm -f "$ISO"
+if [ -f "$ASSET" ]; then
 
-genisoimage -b boot/etfsboot.com -no-emul-boot -c BOOT.CAT -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames \
-            -v -V "$LABEL" -udf -boot-info-table -eltorito-alt-boot -eltorito-boot efi/microsoft/boot/efisys_noprompt.bin \
-            -no-emul-boot -o "$ISO" -allow-limited-size "$DIR"
+  LOC="$DIR/sources/boot.wim"
+  [ ! -f "$LOC" ] && LOC="$DIR/sources/boot.esd"
+
+  if [ -f "$LOC" ]; then
+
+    info "Adding XML file for automatic installation..."
+
+    RESULT=$(wimlib-imagex info -xml "$LOC" | tr -d '\000')
+
+    if [[ "${RESULT^^}" == *"<IMAGE INDEX=\"2\">"* ]]; then
+      INDEX="2"
+    else
+      INDEX="1"
+    fi
+
+    wimlib-imagex update "$LOC" "$INDEX" --command "add $ASSET /autounattend.xml" > /dev/null
+
+  else
+    error "Warning: failed to locate 'boot.wim' or 'boot.esd' in ISO image, $FB"
+  fi
+
+  LOC="$DIR/autounattend.xml"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/Autounattend.xml"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/AutoUnattend.xml"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/autounattend.XML"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/Autounattend.XML"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/AutoUnattend.XML"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/AUTOUNATTEND.xml"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+  LOC="$DIR/AUTOUNATTEND.XML"
+  [ -f "$LOC" ] && mv -f "$ASSET" "$LOC"
+
+  echo
+
+else
+  [ -n "$XML" ] && error "Warning: XML file '$XML' does not exist, $FB" && echo
+fi
+
+ETFS="boot/etfsboot.com"
+EFISYS="efi/microsoft/boot/efisys_noprompt.bin"
+
+if [ -f "$DIR/$ETFS" ]; then
+  if [ -f "$DIR/$EFISYS" ]; then
+
+    CAT="BOOT.CAT"
+    LABEL="${BASE%.*}"
+    LABEL="${LABEL::32}"
+    ISO="$TMP/$LABEL.tmp"
+    rm -f "$ISO"
+
+    info "Generating new ISO image for installation..."
+
+    genisoimage -b "$ETFS" -no-emul-boot -c "$CAT" -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames -quiet -V "$LABEL" -udf \
+                           -boot-info-table -eltorito-alt-boot -eltorito-boot "$EFISYS" -no-emul-boot -o "$ISO" -allow-limited-size "$DIR"
+
+  else
+    error "Failed to locate file 'efisys_noprompt.bin' in ISO image, $FB"
+  fi
+else
+  error "Failed to locate file 'etfsboot.com' in ISO image, $FB"
+fi
 
 mv "$ISO" "$STORAGE/$BASE"
-
 rm -rf "$TMP"
 
+echo
 return 0