From a1627ac743289e768b138f1a60753a62e0869cc4 Mon Sep 17 00:00:00 2001
From: srdusr <trevorgray@srdusr.com>
Date: Wed, 24 Sep 2025 05:25:39 +0200
Subject: Update/Overhaul

---
 virt/windows.sh | 1156 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1156 insertions(+)
 create mode 100755 virt/windows.sh

(limited to 'virt/windows.sh')

diff --git a/virt/windows.sh b/virt/windows.sh
new file mode 100755
index 0000000..1863f8a
--- /dev/null
+++ b/virt/windows.sh
@@ -0,0 +1,1156 @@
+#!/usr/bin/env bash
+
+# Windows VM Creation Script
+# Description: Creates and manages Windows virtual machines using QEMU/KVM
+# Features:
+#   - Supports Windows 10, 11, and Server
+#   - Automatic dependency checking
+#   - Multiple VM instance support
+#   - Cache management
+#   - Unattended installation
+#   - SMB sharing support
+#   - Network control
+
+# Usage: ./windows.sh [VERSION] [OPTIONS]
+# Versions:
+#   10              Windows 10
+#   11              Windows 11 (default)
+#   server          Windows Server 2022
+#   server2019      Windows Server 2019
+#   server2016      Windows Server 2016
+
+# Options:
+#   --help              Show this help message
+#   --clean             Clean dependency cache
+#   --check-deps       Only check dependencies and exit
+#   --download-iso     Download Windows ISO and exit
+#   --name NAME        Set custom VM name
+#   --ram SIZE         Set RAM size (default: 8G)
+#   --cpu NUM          Set number of CPUs (default: 6)
+#   --disk SIZE        Set disk size (default: 80G)
+#   --enable-smb       Enable SMB sharing (default: disabled)
+#   --disable-net      Disable network connectivity (default: enabled)
+
+# Parse command line arguments
+WINDOWS_VERSION="11"
+CLEAN_CACHE=false
+CHECK_DEPS_ONLY=false
+DOWNLOAD_ISO_ONLY=false
+VM_NAME="windows-11"
+VM_RAM="8G"
+VM_CPU="6"
+VM_SIZE="80G"
+ENABLE_SMB=false
+DISABLE_NET=false
+
+# Handle version argument if it's the first argument
+if [[ $# -gt 0 && ! $1 =~ ^-- ]]; then
+    case "$1" in
+    "10")
+        WINDOWS_VERSION="10"
+        VM_NAME="windows-10"
+        ;;
+    "server" | "server2022")
+        WINDOWS_VERSION="server2022"
+        VM_NAME="windows-server-2022"
+        ;;
+    "server2019")
+        WINDOWS_VERSION="server2019"
+        VM_NAME="windows-server-2019"
+        ;;
+    "server2016")
+        WINDOWS_VERSION="server2016"
+        VM_NAME="windows-server-2016"
+        ;;
+    *)
+        echo "Unknown Windows version: $1"
+        echo "Use --help for usage information"
+        exit 1
+        ;;
+    esac
+    shift
+fi
+
+while [[ $# -gt 0 ]]; do
+    case $1 in
+    --help)
+        echo "Windows VM Creation Script"
+        echo "Usage: $0 [VERSION] [OPTIONS]"
+        echo
+        echo "Versions:"
+        echo "  10              Windows 10"
+        echo "  11              Windows 11 (default)"
+        echo "  server          Windows Server 2022"
+        echo "  server2019      Windows Server 2019"
+        echo "  server2016      Windows Server 2016"
+        echo
+        echo "Options:"
+        echo "  --help              Show this help message"
+        echo "  --clean             Clean dependency cache"
+        echo "  --check-deps       Only check dependencies and exit"
+        echo "  --download-iso     Download Windows ISO and exit"
+        echo "  --name NAME        Set custom VM name"
+        echo "  --ram SIZE         Set RAM size (default: 8G)"
+        echo "  --cpu NUM          Set number of CPUs (default: 6)"
+        echo "  --disk SIZE        Set disk size (default: 80G)"
+        echo "  --enable-smb       Enable SMB sharing (default: disabled)"
+        echo "  --disable-net      Disable network connectivity (default: enabled)"
+        exit 0
+        ;;
+    --clean)
+        CLEAN_CACHE=true
+        shift
+        ;;
+    --check-deps)
+        CHECK_DEPS_ONLY=true
+        shift
+        ;;
+    --download-iso)
+        DOWNLOAD_ISO_ONLY=true
+        shift
+        ;;
+    --name)
+        VM_NAME="$2"
+        shift 2
+        ;;
+    --ram)
+        VM_RAM="$2"
+        shift 2
+        ;;
+    --cpu)
+        VM_CPU="$2"
+        shift 2
+        ;;
+    --disk)
+        VM_SIZE="$2"
+        shift 2
+        ;;
+    --enable-smb)
+        ENABLE_SMB=true
+        shift
+        ;;
+    --disable-net)
+        DISABLE_NET=true
+        shift
+        ;;
+    *)
+        echo "Unknown option: $1"
+        echo "Use --help for usage information"
+        exit 1
+        ;;
+    esac
+done
+
+# Set variables
+HOST_DIR="$HOME/virt-new-new"
+VM_DIR="$HOST_DIR/machines"
+IMAGE_DIR="$HOST_DIR/images"
+WIN_ISO_DIR="${IMAGE_DIR}/${VM_NAME}" # Directory for Windows ISO
+SOCKET_DIR="$VM_DIR"
+SHARED_DIR="${HOST_DIR}/shared"
+FIRMWARE_DIR="${HOST_DIR}/firmware"
+TPM_DIR="$WIN_ISO_DIR"
+TPM_SOCKET="${WIN_ISO_DIR}/${VM_NAME}.swtpm-sock"
+GUEST_PORT=22
+QCOW2_FILE="${VM_DIR}/${VM_NAME}.qcow2"
+
+# Try to find an available host port starting from 22220
+HOST_PORT_START=22220
+HOST_PORT_END=22300
+
+for ((port = HOST_PORT_START; port <= HOST_PORT_END; port++)); do
+    if ! ss -tuln | grep -q ":$port\b"; then
+        HOST_PORT=$port
+        echo "Using available port: $HOST_PORT"
+        break
+    fi
+done
+
+if [[ $port -gt $HOST_PORT_END ]]; then
+    echo "Error: No available ports found between $HOST_PORT_START and $HOST_PORT_END" >&2
+    exit 1
+fi
+
+# Set SMP configuration
+CORES=$((VM_CPU / 2))
+THREADS_PER_CORE=2
+SOCKETS=1
+SMP_CONFIG="cores=$CORES,threads=$THREADS_PER_CORE,sockets=$SOCKETS"
+
+# Create necessary directories
+mkdir -p "${HOME}/${HOST_DIR}"
+mkdir -p "$IMAGE_DIR" "$SHARED_DIR" "$FIRMWARE_DIR"
+mkdir -p "$WIN_ISO_DIR" "$VM_DIR"
+mkdir -p "${WIN_ISO_DIR}/unattended"
+
+# Define ISO paths and URLs
+ISO_VIRTIO="${WIN_ISO_DIR}/virtio-win.iso"
+ISO_UNATTENDED="${WIN_ISO_DIR}/unattended.iso"
+
+# Find Windows ISO with flexible pattern matching
+find_windows_iso() {
+    # Check if directory exists
+    if [[ ! -d "$WIN_ISO_DIR" ]]; then
+        mkdir -p "$WIN_ISO_DIR"
+    fi
+
+    # Try to find any Windows ISO using case-insensitive patterns
+    local found_iso
+    found_iso=$(find "$WIN_ISO_DIR" -maxdepth 1 -type f \( \
+        -iname "*win11*.iso" -o \
+        -iname "*win*11*.iso" -o \
+        -iname "Win*.iso" -o \
+        -iname "Win11*.iso" -o \
+        -iname "Win*11*.iso" -o \
+        -iname "*windows*11*.iso" -o \
+        -iname "*windows11*.iso" \
+        \) -exec stat --format="%Y %n" {} \; | sort -n | tail -n 1 | cut -d' ' -f2-)
+
+    if [[ -n "$found_iso" && -f "$found_iso" ]]; then
+        echo "$found_iso"
+        return 0
+    fi
+
+    return 1
+}
+
+# Define download URLs
+VIRTIO_ISO_URL="https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso"
+SPICE_WEBDAVD_URL="https://www.spice-space.org/download/windows/spice-webdavd/spice-webdavd-x64-latest.msi"
+SPICE_VDAGENT_URL="https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-latest.msi"
+SPICE_VDAGENT_FALLBACK_URL="https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-0.10.0.msi"
+USBDK_URL="https://www.spice-space.org/download/windows/usbdk/UsbDk_1.0.22_x64.msi"
+
+# Fido download URL (Windows ISO downloader)
+#FIDO_URL="https://github.com/pbatard/Fido/raw/master/Fido.ps1"
+#FIDO_PATH="$WIN_DIR/Fido.ps1"
+
+# Print colored messages
+print_info() { echo -e "\033[1;34m[INFO]\033[0m $1" >&2; }
+print_success() { echo -e "\033[1;32m[SUCCESS]\033[0m $1" >&2; }
+print_warning() { echo -e "\033[1;33m[WARNING]\033[0m $1" >&2; }
+print_error() { echo -e "\033[1;31m[ERROR]\033[0m $1" >&2; }
+
+# Helper: verify file integrity
+verify_file() {
+    local file="$1"
+    local expected_sha256="$2"
+
+    if [[ ! -f "$file" ]]; then
+        return 1
+    fi
+
+    if [[ -n "$expected_sha256" ]]; then
+        local actual_sha256
+        actual_sha256=$(sha256sum "$file" | cut -d' ' -f1)
+        if [[ "$actual_sha256" != "$expected_sha256" ]]; then
+            print_error "File integrity check failed for $file"
+            return 1
+        fi
+    fi
+
+    return 0
+}
+
+# Helper: download file with verification
+download_file() {
+    local url="$1"
+    local dest="$2"
+    local expected_sha256="$3"
+    local allow_failure="$4"
+
+    # Check if file exists and is valid
+    if [[ -f "$dest" ]]; then
+        if verify_file "$dest" "$expected_sha256"; then
+            print_info "File $dest already exists and verified."
+            return 0
+        else
+            print_warning "File $dest exists but failed verification. Redownloading..."
+            rm -f "$dest"
+        fi
+    fi
+
+    print_info "Downloading $url..."
+    if ! curl -fL --progress-bar -o "$dest" "$url"; then
+        print_error "Failed to download $url."
+        if [[ "$allow_failure" != "true" ]]; then
+            return 1
+        fi
+    else
+        # Verify downloaded file
+        if ! verify_file "$dest" "$expected_sha256"; then
+            print_error "Downloaded file failed verification"
+            rm -f "$dest"
+            return 1
+        fi
+        print_success "Successfully downloaded and verified $dest"
+    fi
+
+    return 0
+}
+
+# Download Windows 11 ISO using Microsoft's API
+download_windows_iso() {
+    local windows_version="11"               # Default to Windows 11
+    local language="English (United States)" # Default language
+
+    # Parse arguments if provided
+    if [[ -n "$1" ]]; then
+        windows_version="$1"
+    fi
+
+    print_info "Attempting to download Windows $windows_version ISO from Microsoft..."
+
+    # Set required variables
+    local user_agent="Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
+    local session_id="$(uuidgen)"
+    local profile="606624d44113"
+    local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
+
+    # Add ISO to URL for Windows 10
+    case "$windows_version" in
+    10) url="${url}ISO" ;;
+    esac
+
+    # Step 1: Get download page HTML
+    print_info "Fetching download page: $url"
+    local iso_download_page_html
+    iso_download_page_html="$(curl --disable --silent --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url")" || {
+        handle_curl_error $?
+        print_error "Failed to fetch the download page. Please download Windows $windows_version ISO manually from $url"
+        return 1
+    }
+
+    # Step 2: Extract Product Edition ID
+    print_info "Getting Product Edition ID..."
+    local product_edition_id
+    product_edition_id="$(echo "$iso_download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)"
+
+    if [[ -z "$product_edition_id" ]]; then
+        print_error "Failed to extract product edition ID."
+        print_error "Please download Windows $windows_version ISO manually from $url"
+        return 1
+    fi
+
+    print_success "Product Edition ID: $product_edition_id"
+
+    # Step 3: Register session ID
+    print_info "Registering session ID: $session_id"
+    curl --disable --silent --output /dev/null --user-agent "$user_agent" \
+        --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 \
+        --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
+        print_error "Failed to register session ID."
+        return 1
+    }
+
+    # Step 4: Get language SKU ID
+    print_info "Getting language SKU ID..."
+    local language_skuid_table_json
+    language_skuid_table_json="$(curl --disable -s --fail --max-filesize 100K --proto =https --tlsv1.2 --http1.1 \
+        "https://www.microsoft.com/software-download-connector/api/getskuinformationbyproductedition?profile=${profile}&ProductEditionId=${product_edition_id}&SKU=undefined&friendlyFileName=undefined&Locale=en-US&sessionID=${session_id}")" || {
+        handle_curl_error $?
+        print_error "Failed to get language SKU information."
+        return 1
+    }
+
+    # Extract SKU ID for selected language
+    local sku_id
+
+    # Try with jq if available (more reliable)
+    if command -v jq >/dev/null 2>&1; then
+        sku_id="$(echo "$language_skuid_table_json" | jq -r '.Skus[] | select(.LocalizedLanguage=="'"$language"'" or .Language=="'"$language"'").Id')"
+    else
+        # Fallback to grep/cut if jq not available
+        sku_id="$(echo "$language_skuid_table_json" | grep -o '"Id":"[^"]*","Language":"'"$language"'"' | cut -d'"' -f4)"
+
+        if [[ -z "$sku_id" ]]; then
+            # Try alternative extraction method
+            sku_id="$(echo "$language_skuid_table_json" | grep -o '"LocalizedLanguage":"'"$language"'","Id":"[^"]*"' | cut -d'"' -f6)"
+        fi
+    fi
+
+    if [[ -z "$sku_id" ]]; then
+        print_error "Failed to extract SKU ID for $language."
+        return 1
+    fi
+
+    print_success "SKU ID: $sku_id"
+
+    # Step 5: Get ISO download link
+    print_info "Getting ISO download link..."
+    local iso_download_link_json
+    iso_download_link_json="$(curl --disable -s --fail --referer "$url" \
+        "https://www.microsoft.com/software-download-connector/api/GetProductDownloadLinksBySku?profile=${profile}&productEditionId=undefined&SKU=${sku_id}&friendlyFileName=undefined&Locale=en-US&sessionID=${session_id}")"
+
+    local failed=0
+
+    if [[ -z "$iso_download_link_json" ]]; then
+        print_error "Microsoft servers gave an empty response to the download request."
+        failed=1
+    fi
+
+    if echo "$iso_download_link_json" | grep -q "Sentinel marked this request as rejected."; then
+        print_error "Microsoft blocked the automated download request based on your IP address."
+        failed=1
+    fi
+
+    if [[ "$failed" -eq 1 ]]; then
+        print_warning "Please manually download the Windows $windows_version ISO using a web browser from: $url"
+        print_warning "Save the downloaded ISO to: $WIN_ISO_DIR"
+        return 1
+    fi
+
+    # Extract 64-bit ISO download URL
+    local iso_download_link
+
+    # Try with jq if available
+    if command -v jq >/dev/null 2>&1; then
+        iso_download_link="$(echo "$iso_download_link_json" | jq -r '.ProductDownloadOptions[].Uri' | grep x64 | head -n 1)"
+    else
+        # Fallback to grep/cut if jq not available
+        iso_download_link="$(echo "$iso_download_link_json" | grep -o '"Uri":"[^"]*x64[^"]*"' | cut -d'"' -f4 | head -n 1)"
+    fi
+
+    if [[ -z "$iso_download_link" ]]; then
+        print_error "Failed to extract the download link from Microsoft's response."
+        print_warning "Manually download the Windows $windows_version ISO using a web browser from: $url"
+        return 1
+    fi
+
+    print_success "Got download link: ${iso_download_link%%\?*}"
+
+    # Extract filename from URL
+    local file_name="$(echo "$iso_download_link" | cut -d'?' -f1 | rev | cut -d'/' -f1 | rev)"
+
+    # If filename couldn't be extracted, use default
+    if [[ -z "$file_name" || "$file_name" == "$iso_download_link" ]]; then
+        file_name="windows-$windows_version.iso"
+    fi
+
+    # Step 6: Download the ISO
+    print_info "Downloading Windows $windows_version ISO to $WIN_ISO_DIR/$file_name. This may take a while..."
+
+    # Check which download function to use
+    if type web_get >/dev/null 2>&1; then
+        web_get "$iso_download_link" "$WIN_ISO_DIR" "$file_name"
+    else
+        # Fallback to direct curl download
+        curl --disable --progress-bar --fail --location --proto '=https' --tlsv1.2 --http1.1 \
+            --retry 3 --retry-delay 3 --connect-timeout 30 \
+            --output "$WIN_ISO_DIR/$file_name" "$iso_download_link" || {
+            handle_curl_error $?
+            return 1
+        }
+    fi
+
+    if [[ $? -ne 0 ]]; then
+        print_error "Failed to download the Windows $windows_version ISO."
+        return 1
+    fi
+
+    print_success "Successfully downloaded Windows $windows_version ISO to $WIN_ISO_DIR/$file_name"
+
+    # Return the downloaded filename so calling code can use it
+    echo "$file_name"
+    return 0
+}
+
+# Create unattended installation ISO
+create_unattended_iso() {
+    print_info "Creating unattended installation ISO..."
+
+    # Create basic autounattend.xml if it doesn't exist
+    if [ ! -f "$WIN_ISO_DIR/unattended/autounattend.xml" ]; then
+        print_info "Creating autounattend.xml..."
+        cat >"$WIN_ISO_DIR/unattended/autounattend.xml" <<'EOF'
+<?xml version="1.0" encoding="utf-8"?>
+<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
+    <settings pass="windowsPE">
+        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+            <SetupUILanguage>
+                <UILanguage>en-US</UILanguage>
+            </SetupUILanguage>
+            <InputLocale>0409:00000409</InputLocale>
+            <SystemLocale>en-US</SystemLocale>
+            <UILanguage>en-US</UILanguage>
+            <UserLocale>en-US</UserLocale>
+        </component>
+        <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+            <ImageInstall>
+                <OSImage>
+                    <Compact>false</Compact>
+                    <InstallTo>
+                        <DiskID>0</DiskID>
+                        <PartitionID>3</PartitionID>
+                    </InstallTo>
+                </OSImage>
+            </ImageInstall>
+            <UserData>
+                <AcceptEula>true</AcceptEula>
+            </UserData>
+            <UseConfigurationSet>false</UseConfigurationSet>
+            <RunSynchronous>
+                <RunSynchronousCommand wcm:action="add">
+                    <Order>1</Order>
+                    <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" (echo SELECT DISK=0&amp;echo CLEAN&amp;echo CONVERT GPT&amp;echo CREATE PARTITION EFI SIZE=300&amp;echo FORMAT QUICK FS=FAT32 LABEL="System"&amp;echo CREATE PARTITION MSR SIZE=16)"</Path>
+                </RunSynchronousCommand>
+                <RunSynchronousCommand wcm:action="add">
+                    <Order>2</Order>
+                    <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" (echo CREATE PARTITION PRIMARY&amp;echo SHRINK MINIMUM=1000&amp;echo FORMAT QUICK FS=NTFS LABEL="Windows"&amp;echo CREATE PARTITION PRIMARY&amp;echo FORMAT QUICK FS=NTFS LABEL="Recovery")"</Path>
+                </RunSynchronousCommand>
+                <RunSynchronousCommand wcm:action="add">
+                    <Order>3</Order>
+                    <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" (echo SET ID="de94bba4-06d1-4d40-a16a-bfd50179d6ac"&amp;echo GPT ATTRIBUTES=0x8000000000000001)"</Path>
+                </RunSynchronousCommand>
+                <RunSynchronousCommand wcm:action="add">
+                    <Order>4</Order>
+                    <Path>cmd.exe /c "diskpart.exe /s "X:\diskpart.txt" &gt;&gt;"X:\diskpart.log" || ( type "X:\diskpart.log" &amp; echo diskpart encountered an error. &amp; pause &amp; exit /b 1 )"</Path>
+                </RunSynchronousCommand>
+            </RunSynchronous>
+        </component>
+    </settings>
+    <settings pass="specialize">
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+            <ComputerName>Win11-VM</ComputerName>
+            <TimeZone>UTC</TimeZone>
+        </component>
+    </settings>
+    <settings pass="oobeSystem">
+        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+            <InputLocale>0409:00000409</InputLocale>
+            <SystemLocale>en-US</SystemLocale>
+            <UILanguage>en-US</UILanguage>
+            <UserLocale>en-US</UserLocale>
+        </component>
+        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
+            <UserAccounts>
+                <LocalAccounts>
+                    <LocalAccount wcm:action="add">
+                        <Name>Admin</Name>
+                        <DisplayName></DisplayName>
+                        <Group>Administrators</Group>
+                        <Password>
+                            <Value>password</Value>
+                            <PlainText>true</PlainText>
+                        </Password>
+                    </LocalAccount>
+                    <LocalAccount wcm:action="add">
+                        <Name>User</Name>
+                        <DisplayName></DisplayName>
+                        <Group>Users</Group>
+                        <Password>
+                            <Value>password</Value>
+                            <PlainText>true</PlainText>
+                        </Password>
+                    </LocalAccount>
+                </LocalAccounts>
+            </UserAccounts>
+            <AutoLogon>
+                <Username>Admin</Username>
+                <Enabled>true</Enabled>
+                <LogonCount>1</LogonCount>
+                <Password>
+                    <Value>password</Value>
+                    <PlainText>true</PlainText>
+                </Password>
+            </AutoLogon>
+            <OOBE>
+                <ProtectYourPC>3</ProtectYourPC>
+                <HideEULAPage>true</HideEULAPage>
+                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
+                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
+                <HideLocalAccountScreen>true</HideLocalAccountScreen>
+                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
+                <SkipMachineOOBE>true</SkipMachineOOBE>
+                <SkipUserOOBE>true</SkipUserOOBE>
+            </OOBE>
+        </component>
+    </settings>
+</unattend>
+EOF
+    fi
+
+    # Create the unattended ISO
+    local iso_tool=""
+
+    if command -v genisoimage >/dev/null 2>&1; then
+        iso_tool="genisoimage"
+    elif command -v mkisofs >/dev/null 2>&1; then
+        iso_tool="mkisofs"
+    elif command -v xorriso >/dev/null 2>&1; then
+        iso_tool="xorriso"
+    fi
+
+    if [ "$iso_tool" != "" ]; then
+        print_info "Creating unattended ISO using $iso_tool..."
+
+        if [ "$iso_tool" = "xorriso" ]; then
+            xorriso -as genisoimage -J -r -o "$WIN_ISO_DIR/unattended.iso" "$WIN_ISO_DIR/unattended"
+        else
+            "$iso_tool" -J -r -o "$WIN_ISO_DIR/unattended.iso" "$WIN_ISO_DIR/unattended"
+        fi
+
+        return $?
+    else
+        print_warning "No ISO creation tool found (genisoimage, mkisofs, or xorriso)"
+        print_warning "Creating empty ISO file as fallback"
+        touch "$WIN_ISO_DIR/unattended.iso"
+        return 1
+    fi
+}
+
+# Download or locate essential files
+prepare_files() {
+    # Find Windows ISO
+    WINDOWS_ISO_PATH=$(find_windows_iso | tail -n 1 | xargs)
+    local iso_found=false
+
+    # Check if we found a valid ISO
+    if [[ -n "$WINDOWS_ISO_PATH" && -f "$WINDOWS_ISO_PATH" ]]; then
+        print_success "Using Windows ISO: $WINDOWS_ISO_PATH"
+        iso_found=true
+    else
+        print_warning "Windows ISO not found, attempting to download..."
+        if download_windows_iso; then
+            # Check again after download attempt
+            WINDOWS_ISO_PATH=$(find_windows_iso | tail -n 1 | xargs)
+            if [[ -n "$WINDOWS_ISO_PATH" && -f "$WINDOWS_ISO_PATH" ]]; then
+                print_success "Using downloaded Windows ISO: $WINDOWS_ISO_PATH"
+                iso_found=true
+            fi
+        fi
+    fi
+
+    # If we still don't have an ISO, exit
+    if [[ "$iso_found" != "true" ]]; then
+        print_error "Could not find or download Windows ISO"
+        print_info "Please place your Windows ISO file in: $WIN_ISO_DIR"
+        exit 1
+    fi
+
+    # Download VirtIO drivers if missing
+    if [[ ! -f "$ISO_VIRTIO" ]]; then
+        print_info "VirtIO drivers ISO not found, downloading..."
+        download_file "$VIRTIO_ISO_URL" "$ISO_VIRTIO"
+    else
+        print_success "VirtIO drivers ISO already exists: $ISO_VIRTIO"
+    fi
+
+    # Define the directory containing the MSI files
+    UNATTENDED_DIR="$WIN_ISO_DIR/unattended"
+    mkdir -p "$UNATTENDED_DIR"
+
+    # Find the latest Spice WebDAVD MSI
+    SPICE_WEBDAVD_MSI=$(find "$UNATTENDED_DIR" -type f -iname "spice-webdavd-x64*.msi" -exec stat --format="%Y %n" {} \; | sort -n | tail -n 1 | cut -d' ' -f2-)
+
+    # Find the latest Spice VD Agent MSI
+    SPICE_VDAGENT_MSI=$(find "$UNATTENDED_DIR" -type f -iname "spice-vdagent-x64*.msi" -exec stat --format="%Y %n" {} \; | sort -n | tail -n 1 | cut -d' ' -f2-)
+
+    # Find the latest UsbDk MSI
+    USBDK_MSI=$(find "$UNATTENDED_DIR" -type f -iname "UsbDk_*_x64.msi" -exec stat --format="%Y %n" {} \; | sort -n | tail -n 1 | cut -d' ' -f2-)
+
+    # Spice Guest Tools + UsbDk (only if missing)
+    if [[ ! -f "$SPICE_WEBDAVD_MSI" ]]; then
+        print_info "Downloading Spice WebDAVD..."
+        curl -L -o "$UNATTENDED_DIR/spice-webdavd-x64-latest.msi" "$SPICE_WEBDAVD_URL" || {
+            print_error "Failed to download Spice WebDAVD"
+            return 1
+        }
+    else
+        print_success "Spice WebDAVD MSI already exists: $SPICE_WEBDAVD_MSI"
+    fi
+
+    if [[ ! -f "$SPICE_VDAGENT_MSI" ]]; then
+        print_info "Downloading Spice VD Agent..."
+        # Try multiple mirrors for spice-vdagent
+        local spice_mirrors=(
+            "https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-latest.msi"
+            "https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-0.10.0.msi"
+            "https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-0.9.0.msi"
+            "https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-0.8.0.msi"
+            "https://www.spice-space.org/download/windows/spice-vdagent/spice-vdagent-x64-0.7.0.msi"
+        )
+
+        local download_success=false
+        for mirror in "${spice_mirrors[@]}"; do
+            print_info "Trying mirror: $mirror"
+            if curl -L -o "$UNATTENDED_DIR/spice-vdagent-x64-latest.msi" "$mirror"; then
+                # Verify the downloaded file
+                if [[ -s "$UNATTENDED_DIR/spice-vdagent-x64-latest.msi" ]]; then
+                    download_success=true
+                    break
+                else
+                    print_warning "Downloaded file is empty, trying next mirror..."
+                    rm -f "$UNATTENDED_DIR/spice-vdagent-x64-latest.msi"
+                fi
+            fi
+        done
+
+        if [[ "$download_success" == "false" ]]; then
+            print_error "Failed to download Spice VD Agent from all mirrors"
+            return 1
+        fi
+    else
+        print_success "Spice VD Agent MSI already exists: $SPICE_VDAGENT_MSI"
+    fi
+
+    if [[ ! -f "$USBDK_MSI" ]]; then
+        print_info "Downloading UsbDk..."
+        curl -L -o "$UNATTENDED_DIR/UsbDk_1.0.22_x64.msi" "$USBDK_URL" || {
+            print_error "Failed to download UsbDk"
+            return 1
+        }
+    else
+        print_success "UsbDk MSI already exists: $USBDK_MSI"
+    fi
+
+    # Create unattended ISO if it doesn't exist
+    if [[ ! -f "$ISO_UNATTENDED" ]]; then
+        create_unattended_iso
+    else
+        print_success "Unattended ISO already exists: $ISO_UNATTENDED"
+    fi
+}
+
+# Locate OVMF firmware files
+locate_ovmf() {
+    OVMF_DIRS=(
+        "/usr/share/OVMF"
+        "/usr/share/qemu"
+        "/usr/lib/qemu"
+        "/usr/share/edk2"
+        "/usr/lib/edk2"
+        "/usr/share/edk2/ovmf"
+        "/usr/share/edk2-ovmf"
+    )
+
+    OVMF_CODE=""
+    OVMF_VARS=""
+
+    for dir in "${OVMF_DIRS[@]}"; do
+        [[ -z "$OVMF_CODE" ]] && OVMF_CODE=$(find "$dir" -type f -name "OVMF_CODE.fd" -o -name "edk2-x86_64-code.fd" 2>/dev/null | head -n 1)
+        [[ -z "$OVMF_VARS" ]] && OVMF_VARS=$(find "$dir" -type f -name "OVMF_VARS.fd" 2>/dev/null | head -n 1)
+        [[ -n "$OVMF_CODE" && -n "$OVMF_VARS" ]] && break
+    done
+
+    # Ensure a writable copy of OVMF_VARS.fd
+    local original_ovmf_vars="$OVMF_VARS"
+    OVMF_VARS="$FIRMWARE_DIR/OVMF_VARS.fd"
+
+    if [[ ! -f "$OVMF_VARS" && -f "$original_ovmf_vars" ]]; then
+        print_info "Copying OVMF_VARS.fd to $OVMF_VARS"
+        cp "$original_ovmf_vars" "$OVMF_VARS" 2>/dev/null || {
+            print_error "Failed to copy OVMF_VARS.fd!"
+            exit 1
+        }
+    fi
+
+    # Check if required files exist
+    if [[ -z "$OVMF_CODE" || ! -f "$OVMF_CODE" ]]; then
+        print_error "OVMF_CODE.fd not found!"
+        exit 1
+    fi
+    if [[ ! -f "$OVMF_VARS" ]]; then
+        print_error "OVMF_VARS.fd not found or could not be copied!"
+        exit 1
+    fi
+    #}
+}
+
+# Create VM disk image
+create_disk() {
+    # Check if the qcow2 image file exists; if not, create it
+    if [[ ! -f "$QCOW2_FILE" ]]; then
+        print_info "Creating $QCOW2_FILE with a size of $VM_SIZE"
+        qemu-img create -f qcow2 "$QCOW2_FILE" "$VM_SIZE" || {
+            print_error "Failed to create qcow2 image!"
+            exit 1
+        }
+    else
+        print_success "VM disk image already exists: $QCOW2_FILE"
+    fi
+}
+
+# Generate unique PID file for this instance
+generate_pid_file() {
+    local base_pid_file="$VM_DIR/$VM_NAME.pid"
+    local pid_file="$base_pid_file"
+    local counter=1
+
+    # If the base PID file exists, try to find an available number
+    while [[ -f "$pid_file" ]]; do
+        pid_file="${base_pid_file%.pid}-${counter}.pid"
+        ((counter++))
+    done
+
+    echo "$pid_file"
+}
+
+# Start the VM
+start_vm() {
+    # Verify that we have a Windows ISO
+    if [[ -z "$WINDOWS_ISO_PATH" || ! -f "$WINDOWS_ISO_PATH" ]]; then
+        print_error "Windows ISO file not found. Cannot start VM."
+        print_info "Please download Windows 11 ISO and save it to: $WIN_ISO_DIR"
+        exit 1
+    fi
+
+    # Start swtpm
+    print_info "Starting TPM emulator..."
+    /sbin/swtpm socket \
+        --ctrl type=unixio,path="$TPM_SOCKET" \
+        --terminate \
+        --tpmstate dir="$TPM_DIR" \
+        --tpm2 &
+
+    # Wait for swtpm socket
+    sleep 1
+
+    print_info "Starting Windows 11 VM..."
+    print_info "Using Windows ISO: $WINDOWS_ISO_PATH"
+
+    # Build network options
+    local network_opts=()
+    if [[ "$DISABLE_NET" == "true" ]]; then
+        network_opts=(
+            "-netdev" "none,id=nic"
+            "-device" "virtio-net,netdev=nic"
+        )
+    else
+        if [[ "$ENABLE_SMB" == "true" ]]; then
+            network_opts=(
+                "-netdev" "user,id=nic,hostname=$VM_NAME,hostfwd=tcp::$HOST_PORT-:$GUEST_PORT,smb=$SHARED_DIR"
+                "-device" "virtio-net,netdev=nic"
+            )
+        else
+            network_opts=(
+                "-netdev" "user,id=nic,hostname=$VM_NAME,hostfwd=tcp::$HOST_PORT-:$GUEST_PORT"
+                "-device" "virtio-net,netdev=nic"
+            )
+        fi
+    fi
+
+    # Run QEMU
+    /sbin/qemu-system-x86_64 \
+        -name "$VM_NAME",process="$VM_NAME" \
+        -machine q35,hpet=off,smm=on,vmport=off,accel=kvm \
+        -global kvm-pit.lost_tick_policy=discard \
+        -global ICH9-LPC.disable_s3=1 \
+        -cpu host,+hypervisor,+invtsc,l3-cache=on,migratable=no,hv_passthrough \
+        -smp "$SMP_CONFIG" \
+        -m "$VM_RAM" \
+        -device virtio-balloon \
+        -pidfile "$PID_FILE" \
+        -rtc base=localtime,clock=host,driftfix=slew \
+        -vga none \
+        -device virtio-vga-gl,xres=1280,yres=800 \
+        -display sdl,gl=on \
+        -boot menu=on,splash-time=0,order=d,reboot-timeout=5000 \
+        -device virtio-rng-pci,rng=rng0 \
+        -object rng-random,id=rng0,filename=/dev/urandom \
+        -device qemu-xhci,id=spicepass \
+        -chardev spicevmc,id=usbredirchardev1,name=usbredir \
+        -device usb-redir,chardev=usbredirchardev1,id=usbredirdev1 \
+        -chardev spicevmc,id=usbredirchardev2,name=usbredir \
+        -device usb-redir,chardev=usbredirchardev2,id=usbredirdev2 \
+        -chardev spicevmc,id=usbredirchardev3,name=usbredir \
+        -device usb-redir,chardev=usbredirchardev3,id=usbredirdev3 \
+        -device pci-ohci,id=smartpass \
+        -device usb-ccid \
+        -chardev spicevmc,id=ccid,name=smartcard \
+        -device ccid-card-passthru,chardev=ccid \
+        -device usb-ehci,id=input \
+        -device usb-kbd,bus=input.0 \
+        -k en-us \
+        -device usb-tablet,bus=input.0 \
+        -audiodev pipewire,id=audio0 \
+        -device intel-hda \
+        -device hda-micro,audiodev=audio0 \
+        "${network_opts[@]}" \
+        -global driver=cfi.pflash01,property=secure,value=on \
+        -drive if=pflash,format=raw,unit=0,file="$OVMF_CODE",readonly=on \
+        -drive if=pflash,format=raw,unit=1,file="$OVMF_VARS" \
+        -drive media=cdrom,index=1,file="$ISO_UNATTENDED" \
+        -drive media=cdrom,index=0,file="$WINDOWS_ISO_PATH" \
+        -drive media=cdrom,index=2,file="$ISO_VIRTIO" \
+        -device virtio-blk-pci,drive=SystemDisk \
+        -drive id=SystemDisk,if=none,format=qcow2,file="$QCOW2_FILE" \
+        -chardev socket,id=chrtpm,path="$TPM_SOCKET" \
+        -tpmdev emulator,id=tpm0,chardev=chrtpm \
+        -device tpm-tis,tpmdev=tpm0 \
+        -monitor unix:"$SOCKET_DIR/$VM_NAME-monitor.socket",server,nowait \
+        -serial unix:"$SOCKET_DIR/$VM_NAME-serial.socket",server,nowait
+}
+
+# Check dependencies
+check_dependencies() {
+    # Cache file for dependency checks and VM configuration
+    local cache_name="windows-vm-${VM_NAME}-${VM_RAM}-${VM_CPU}-${VM_SIZE}"
+    local cache_file="${HOME}/.cache/${cache_name}.cache"
+    local cache_dir=$(dirname "$cache_file")
+    local cache_valid=false
+    local missing_deps=()
+    local pkg_manager=""
+    local pkg_install_cmd=""
+    local privilege_cmd=""
+
+    # Clean cache if requested
+    if [[ "$CLEAN_CACHE" == "true" ]]; then
+        print_info "Cleaning dependency cache..."
+        rm -f "$cache_file"
+    fi
+
+    # Create cache directory if it doesn't exist
+    mkdir -p "$cache_dir"
+
+    # Check if cache is valid (less than 24 hours old)
+    if [[ -f "$cache_file" ]]; then
+        local cache_age=$(($(date +%s) - $(stat -c %Y "$cache_file")))
+        if [[ $cache_age -lt 86400 ]]; then # 24 hours in seconds
+            # Read cached configuration
+            local cached_config
+            cached_config=$(head -n 1 "$cache_file" 2>/dev/null)
+            # Compare with current configuration
+            if [[ "$cached_config" == "${VM_NAME}-${VM_RAM}-${VM_CPU}-${VM_SIZE}" ]]; then
+                cache_valid=true
+            else
+                print_info "VM configuration changed, invalidating cache..."
+                rm -f "$cache_file"
+            fi
+        fi
+    fi
+
+    # Check KVM group membership
+    if ! groups | grep -q -E 'kvm|qemu'; then
+        print_warning "User is not a member of kvm or qemu group"
+        print_info "You may need to add your user to the kvm group:"
+        print_info "sudo usermod -aG kvm $USER"
+    fi
+
+    # Detect package manager and privilege command
+    if command -v emerge >/dev/null 2>&1; then
+        pkg_manager="emerge"
+        pkg_install_cmd="emerge --ask --noreplace"
+        privilege_cmd="sudo"
+        # Gentoo package mapping
+        declare -A pkg_map=(
+            ["qemu-system-x86_64"]="app-emulation/qemu"
+            ["qemu-img"]="app-emulation/qemu"
+            ["swtpm"]="app-crypt/swtpm"
+            ["genisoimage"]="app-cdr/cdrtools"
+            ["curl"]="net-misc/curl"
+            ["uuidgen"]="sys-apps/util-linux"
+            ["jq"]="app-misc/jq"
+            ["glxinfo"]="x11-apps/mesa-progs"
+            ["lspci"]="sys-apps/pciutils"
+            ["ps"]="sys-process/procps"
+            ["python3"]="dev-lang/python"
+            ["mkisofs"]="app-cdr/cdrtools"
+            ["lsusb"]="sys-apps/usbutils"
+            ["socat"]="net-misc/socat"
+            ["spicy"]="app-emulation/spice"
+            ["xrandr"]="x11-apps/xrandr"
+            ["zsync"]="net-misc/zsync"
+            ["unzip"]="app-arch/unzip"
+        )
+    elif command -v apt-get >/dev/null 2>&1; then
+        pkg_manager="apt-get"
+        pkg_install_cmd="apt-get install -y"
+        privilege_cmd="sudo"
+        # Debian/Ubuntu package mapping
+        declare -A pkg_map=(
+            ["qemu-system-x86_64"]="qemu-system-x86"
+            ["qemu-img"]="qemu-utils"
+            ["swtpm"]="swtpm-tools"
+            ["genisoimage"]="genisoimage"
+            ["curl"]="curl"
+            ["uuidgen"]="uuid-runtime"
+            ["jq"]="jq"
+            ["glxinfo"]="mesa-utils"
+            ["lspci"]="pciutils"
+            ["ps"]="procps"
+            ["python3"]="python3"
+            ["mkisofs"]="genisoimage"
+            ["lsusb"]="usbutils"
+            ["socat"]="socat"
+            ["spicy"]="spice-client-gtk"
+            ["xrandr"]="x11-xserver-utils"
+            ["zsync"]="zsync"
+            ["unzip"]="unzip"
+        )
+    elif command -v dnf >/dev/null 2>&1; then
+        pkg_manager="dnf"
+        pkg_install_cmd="dnf install -y"
+        privilege_cmd="sudo"
+        # Fedora package mapping
+        declare -A pkg_map=(
+            ["qemu-system-x86_64"]="qemu-system-x86"
+            ["qemu-img"]="qemu-img"
+            ["swtpm"]="swtpm"
+            ["genisoimage"]="genisoimage"
+            ["curl"]="curl"
+            ["uuidgen"]="util-linux"
+            ["jq"]="jq"
+            ["glxinfo"]="mesa-demos"
+            ["lspci"]="pciutils"
+            ["ps"]="procps-ng"
+            ["python3"]="python3"
+            ["mkisofs"]="genisoimage"
+            ["lsusb"]="usbutils"
+            ["socat"]="socat"
+            ["spicy"]="spice-gtk-tools"
+            ["xrandr"]="xorg-x11-server-utils"
+            ["zsync"]="zsync"
+            ["unzip"]="unzip"
+        )
+    elif command -v pacman >/dev/null 2>&1; then
+        pkg_manager="pacman"
+        pkg_install_cmd="pacman -S --noconfirm"
+        privilege_cmd="sudo"
+        # Arch package mapping
+        declare -A pkg_map=(
+            ["qemu-system-x86_64"]="qemu"
+            ["qemu-img"]="qemu"
+            ["swtpm"]="swtpm"
+            ["genisoimage"]="cdrtools"
+            ["curl"]="curl"
+            ["uuidgen"]="util-linux"
+            ["jq"]="jq"
+            ["glxinfo"]="mesa-utils"
+            ["lspci"]="pciutils"
+            ["ps"]="procps-ng"
+            ["python3"]="python"
+            ["mkisofs"]="cdrtools"
+            ["lsusb"]="usbutils"
+            ["socat"]="socat"
+            ["spicy"]="spice-gtk"
+            ["xrandr"]="xorg-xrandr"
+            ["zsync"]="zsync"
+            ["unzip"]="unzip"
+        )
+    fi
+
+    # List of required commands and their package names
+    local deps=(
+        "qemu-system-x86_64"
+        "qemu-img"
+        "swtpm"
+        "genisoimage"
+        "curl"
+        "uuidgen"
+        "jq"
+        "glxinfo"
+        "lspci"
+        "ps"
+        "python3"
+        "mkisofs"
+        "lsusb"
+        "socat"
+        "spicy"
+        "xrandr"
+        "zsync"
+        "unzip"
+    )
+
+    # If cache is valid, read from it
+    if [[ "$cache_valid" == "true" ]]; then
+        print_info "Using cached dependency information..."
+        # Skip the first line (configuration) and read dependencies
+        tail -n +2 "$cache_file" | while IFS= read -r dep; do
+            if ! command -v "$dep" >/dev/null 2>&1; then
+                missing_deps+=("$dep")
+            fi
+        done
+    else
+        # Check each dependency and cache the results
+        print_info "Checking dependencies..."
+
+        # Clear cache file and write current configuration
+        echo "${VM_NAME}-${VM_RAM}-${VM_CPU}-${VM_SIZE}" >"$cache_file"
+
+        for dep in "${deps[@]}"; do
+            # Special case for genisoimage/mkisofs
+            if [[ "$dep" == "genisoimage" ]]; then
+                if ! command -v genisoimage >/dev/null 2>&1 && ! command -v mkisofs >/dev/null 2>&1; then
+                    missing_deps+=("$dep")
+                    echo "$dep" >>"$cache_file"
+                fi
+            # Special case for xdg-user-dirs
+            elif [[ "$dep" == "xdg-user-dirs" ]]; then
+                if ! pkg-config --exists xdg-user-dirs; then
+                    missing_deps+=("$dep")
+                    echo "$dep" >>"$cache_file"
+                fi
+            # Normal case for other dependencies
+            elif ! command -v "$dep" >/dev/null 2>&1; then
+                missing_deps+=("$dep")
+                echo "$dep" >>"$cache_file"
+            fi
+        done
+    fi
+
+    if [[ ${#missing_deps[@]} -gt 0 ]]; then
+        print_warning "Missing dependencies:"
+        for dep in "${missing_deps[@]}"; do
+            if [[ -n "${pkg_map[$dep]}" ]]; then
+                print_warning "- $dep (package: ${pkg_map[$dep]})"
+            else
+                print_warning "- $dep"
+            fi
+        done
+
+        if [[ -n "$pkg_manager" ]]; then
+            print_info "Detected package manager: $pkg_manager"
+            read -p "Would you like to install the missing dependencies? (y/N) " -n 1 -r
+            echo
+            if [[ $REPLY =~ ^[Yy]$ ]]; then
+                # Check for privilege command
+                if ! command -v "$privilege_cmd" >/dev/null 2>&1; then
+                    print_error "Privilege command ($privilege_cmd) not found"
+                    print_info "Please install the missing packages manually"
+                else
+                    # Install missing packages
+                    print_info "Installing missing dependencies..."
+                    local pkgs_to_install=()
+                    for dep in "${missing_deps[@]}"; do
+                        if [[ -n "${pkg_map[$dep]}" ]]; then
+                            pkgs_to_install+=("${pkg_map[$dep]}")
+                        fi
+                    done
+                    "$privilege_cmd" "$pkg_install_cmd" "${pkgs_to_install[@]}"
+
+                    # Clear cache after installation
+                    rm -f "$cache_file"
+                fi
+            else
+                print_warning "Continuing without installing dependencies. Some features may not work correctly."
+            fi
+        else
+            print_warning "No supported package manager found"
+            print_info "Please install the missing packages manually"
+        fi
+    else
+        print_success "All required dependencies are installed"
+    fi
+}
+
+# Main execution
+check_dependencies
+
+if [[ "$CHECK_DEPS_ONLY" == "true" ]]; then
+    exit 0
+fi
+
+if [[ "$DOWNLOAD_ISO_ONLY" == "true" ]]; then
+    download_windows_iso "$WINDOWS_VERSION"
+    exit 0
+fi
+
+# Generate unique PID file for this instance
+PID_FILE=$(generate_pid_file)
+print_info "Using PID file: $PID_FILE"
+
+prepare_files
+locate_ovmf
+create_disk
+start_vm
-- 
cgit v1.2.3