windows: 适配 massgrave 新镜像链接

docs: 更新文档
windows: 使用更准确的 intel nic 驱动链接
2026-03-22 12:34:17 +08:00 · 2026-01-07 20:30:33 +08:00 · 2026-01-07 20:30:32 +08:00 · 2026-01-07 20:30:32 +08:00 · 2026-01-07 20:30:31 +08:00
10 changed files with 655 additions and 1246 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -23,6 +23,3 @@ charset = utf-8-bom
 [*.{yml,yaml}]
 indent_size = 2
 [reinstall.sh]
 shell_variant = bash
--- a/.github/workflows/run_reinstall.yml
+++ b/.github/workflows/run_reinstall.yml
@ -39,8 +39,6 @@ jobs:
          ${{ matrix.command }} dd --img=https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-SelfInstall.raw.xz
          ${{ matrix.command }} windows --image-name='Windows Server blah' --iso https://aka.ms/HCIReleaseImage
          ${{ matrix.command }} reset
          # 测试失败例子
          # ${{ matrix.command }} wrong-os
          # ${{ matrix.command }} dd --img=https://github.com/
--- a/README.en.md
+++ b/README.en.md
@ -38,7 +38,6 @@ If this helped you, you can buy me a milk tea.
 - [Feature 3. One-click reboot to Alpine Live OS](#feature-3-reboot-to--alpine-live-os)
 - [Feature 4. One-click reboot to netboot.xyz](#feature-4-reboot-to--netbootxyz)
 - [Feature 5. One-click reinstallation to Windows](#feature-5-install--windows-iso)
 - [Cancel the reinstallation](#cancel-the-reinstallation)
 ## System Requirements
@ -145,7 +144,7 @@ certutil -urlcache -f -split https://cnb.cool/bin456789/reinstall/-/git/raw/main
 >
 > This feature will erase **the entire hard disk** of the current system (including other partitions)!
 >
-> If the script was run by mistake, you can run `bash reinstall.sh reset` before rebooting to cancel the reinstallation operation.
+> Data is priceless — please think twice before proceeding!
 - Username `root`. The script prompts for a password. If left blank, a random one is generated.
 - When installing the latest version, the version number does not need to be specified.
@ -182,7 +181,7 @@ bash reinstall.sh anolis      7|8|23
 - `--ssh-key KEY` Set up SSH login public key, [formatted as follows](#--ssh-key). When using public key, password is empty.
 - `--ssh-port PORT` Change the SSH port (for log observation during installation and for the new system)
 - `--web-port PORT` Change the Web port (for log observation during installation only)
- `--frpc-config PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL of the configuration file.
+- `--frpc-toml PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL
 - `--hold 1` Reboot only into install environment, without running installer, only for SSH connect to test network connection.
 - `--hold 2` Prevent reboot after installation completes, allowing SSH login to modify system content; the system is mounted at `/target` for Debian/Kali and `/os` for other distros.
@ -232,7 +231,7 @@ bash reinstall.sh ubuntu --installer
 >
 > This feature will erase **the entire hard disk** of the current system (including other partitions)!
 >
-> If the script was run by mistake, you can run `bash reinstall.sh reset` before rebooting to cancel the reinstallation operation.
+> Data is priceless — please think twice before proceeding!
 - Supports `raw` and fixed-size `vhd` image formats. Either uncompressed or compressed as `.gz`, `.xz`, `.zst`, `.tar`, `.tar.gz`, `.tar.xz`, `.tar.zst`.
 - When deploy a Windows image, the system disk will be automatically expanded, and machines with a static IP will have their IP configured, and may take a few minutes after the first boot for the configuration to take effect.
@ -248,29 +247,10 @@ bash reinstall.sh dd --img "https://example.com/xxx.xz"
 - `--rdp-port PORT` Change RDP port (DD Windows only)
 - `--ssh-port PORT` Change SSH port (for log observation during installation)
 - `--web-port PORT` Change Web port (for log observation during installation)
- `--frpc-config PATH` Add frpc for intranet tunneling (DD Windows only). Parameter can be local filepath or HTTP URL of the configuration file.
+- `--frpc-toml PATH` Add frpc for intranet tunneling (DD Windows only). Parameter can be local filepath or HTTP URL
 - `--cloud-data PATH_OR_URL` Inject cloud-init NoCloud configuration into the DD'd Linux image (DD Linux only)
 - `--hold 1` Reboot only into install environment, without running installer, only for SSH connect to test network connection.
 - `--hold 2` Prevent reboot after the DD process finishes. For SSH login to modify system content. The Windows system will be mounted at `/os`, but Linux systems will **NOT** be automatically mounted.
 > [!TIP]
 >
 > `--cloud-data` accepts a local directory path or an HTTP base URL. The directory must contain a `user-data` file; `meta-data` and `network-config` are optional:
 >
 > ```
 > seed/
 > ├── user-data      # required
 > ├── meta-data      # optional
 > └── network-config # optional
 > ```
 >
 > ```bash
 > # Local directory
 > bash reinstall.sh dd --img "https://example.com/xxx.xz" --cloud-data /path/to/seed/
 > # HTTP directory
 > bash reinstall.sh dd --img "https://example.com/xxx.xz" --cloud-data "https://example.com/seed/"
 > ```
 > [!TIP]
 >
 > Can monitor the progress through various methods (SSH, HTTP 80 port, VNC from server provider, serial console).
@ -299,7 +279,7 @@ bash reinstall.sh alpine --hold 1
 - `--password PASSWORD` Set password
 - `--ssh-port PORT` Change SSH port
 - `--ssh-key KEY` Set up SSH login public key, [formatted as follows](#--ssh-key). When using public key, password is empty.
- `--frpc-config PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL of the configuration file.
+- `--frpc-toml PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL
 ### Feature 4: Reboot to <img width="16" height="16" src="https://netboot.xyz/img/favicon.ico" /> netboot.xyz
@ -325,7 +305,7 @@ bash reinstall.sh netboot.xyz
 >
 > This feature will erase **the entire hard disk** of the current system (including other partitions)!
 >
-> If the script was run by mistake, you can run `bash reinstall.sh reset` before rebooting to cancel the reinstallation operation.
+> Data is priceless — please think twice before proceeding!
 - Username `administrator`. The script prompts for a password. If left blank, a random one is generated.
 - If remote login fails, try using the username `.\administrator`.
@ -337,15 +317,15 @@ bash reinstall.sh netboot.xyz
 - Windows (Vista ~ 11)
 - Windows Server (2008 ~ 2025)
-  - Windows Server Essentials
+  - Windows Server Essentials \*
-  - Windows Server (Semi) Annual Channel
+  - Windows Server (Semi) Annual Channel \*
-  - Hyper-V Server
+  - Hyper-V Server \*
-  - Azure Local (Azure Stack HCI)
+  - Azure Local (Azure Stack HCI) \*
 #### Method 1: Let the Script Automatically Search for ISO
 - The script will search for ISOs from <https://massgrave.dev/genuine-installation-media>, a site that collects official ISOs.
- Only supports ISOs searching for Windows 10, 11, Server 2019, 2022, 2025.
+- Systems marked with \* do not support automatic ISO searching.
 ```bash
 bash reinstall.sh windows \
@ -454,7 +434,7 @@ bash reinstall.sh windows \
 - `--add-driver INF_OR_DIR` Add additional driver, specifying .inf path, or the folder contains .inf file.
  - The driver must be downloaded to current system first.
  - This parameter can be set multiple times to add different driver.
- `--frpc-config PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL of the configuration file.
+- `--frpc-toml PATH` Add frpc for intranet tunneling. Parameter can be local filepath or HTTP URL
 - `--hold 1` Reboot only into install environment, without running installer, only for SSH connect to test network connection.
 - `--hold 2` Allow SSH connections for modifying `boot.wim`, `install.wim` or other contents before rebooting into the official Windows installation program, with the disk mounted at `/os`.
@ -465,7 +445,7 @@ bash reinstall.sh windows \
 - AWS ([ENA Network Adapter][aws-ena], [NVME Storage Controller][aws-nvme])
 - GCP ([gVNIC Network Adapter][gcp-gvnic], [GGA Display Adapter][gcp-gga])
 - Azure ([MANA Network Adapter][azure-mana])
- Intel (VMD Storage Controller: [11th Gen Core][intel-vmd-gen11], [12th-15th Gen Core][intel-vmd-gen12-to-gen15], Network Adapter: [7][intel-nic-7], [8.x][intel-nic-8.1], [10][intel-nic-10], [11][intel-nic-11], [2008 R2][intel-nic-7], [2012][intel-nic-2012], [2012 R2][intel-nic-2012-r2], [2016][intel-nic-2016], [2019][intel-nic-2019], [2022][intel-nic-2022], [2025][intel-nic-2025])
+- Intel ([VMD Storage Controller][intel-vmd], Network Adapter: [7][intel-nic-7], [8][intel-nic-8], [8.1][intel-nic-8.1], [10][intel-nic-10], [11][intel-nic-11], [2008 R2][intel-nic-2008-r2], [2012][intel-nic-2012], [2012 R2][intel-nic-2012-r2], [2016][intel-nic-2016], [2019][intel-nic-2019], [2022][intel-nic-2022], [2025][intel-nic-2025])
 [virtio-virtio]: https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/
 [virtio-aliyun]: https://www.alibabacloud.com/help/ecs/user-guide/install-the-virtio-driver-1
@ -479,12 +459,13 @@ bash reinstall.sh windows \
 [gcp-gvnic]: https://cloud.google.com/compute/docs/networking/using-gvnic
 [gcp-gga]: https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display
 [azure-mana]: https://learn.microsoft.com/azure/virtual-network/accelerated-networking-mana-windows
-[intel-vmd-gen11]: https://www.intel.com/content/www/us/en/download/849933/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-13th-gen-platforms.html
+[intel-vmd]: https://www.intel.com/content/www/us/en/download/849936/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-15th-gen-platforms.html
 [intel-vmd-gen12-to-gen15]: https://www.intel.com/content/www/us/en/download/849936/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-15th-gen-platforms.html
 [intel-nic-7]: https://www.intel.com/content/www/us/en/download/15590/intel-network-adapter-driver-for-windows-7-final-release.html
 [intel-nic-8]: https://web.archive.org/web/20250501043104/https://www.intel.com/content/www/us/en/download/16765/intel-network-adapter-driver-for-windows-8-final-release.html
 [intel-nic-8.1]: https://www.intel.com/content/www/us/en/download/17479/intel-network-adapter-driver-for-windows-8-1.html
 [intel-nic-10]: https://www.intel.com/content/www/us/en/download/18293/intel-network-adapter-driver-for-windows-10.html
 [intel-nic-11]: https://www.intel.com/content/www/us/en/download/727998/intel-network-adapter-driver-for-microsoft-windows-11.html
 [intel-nic-2008-r2]: https://web.archive.org/web/20250501002542/https://www.intel.com/content/www/us/en/download/15591/intel-network-adapter-driver-for-windows-server-2008-r2-final-release.html
 [intel-nic-2012]: https://www.intel.com/content/www/us/en/download/16789/intel-network-adapter-driver-for-windows-server-2012.html
 [intel-nic-2012-r2]: https://www.intel.com/content/www/us/en/download/17480/intel-network-adapter-driver-for-windows-server-2012-r2.html
 [intel-nic-2016]: https://www.intel.com/content/www/us/en/download/18737/intel-network-adapter-driver-for-windows-server-2016.html
@ -547,23 +528,27 @@ Most ARM machines support installing latest Windows 11.
 During the installation process, you might encounter a black screen, and the serial console may display `ConvertPages: failed to find range`, but neither issue affects the installation.
 | Compatibility | Cloud Provider | Instance Type | Issues                                                                                                                                                 |
-| ------------- | -------------- | ----------------------- | ----------------------------------------------------------------------------------- |
+| ------------- | -------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | ✔️            | Azure          | B2pts_v2      |                                                                                                                                                        |
 | ✔️            | Alibaba Cloud  | g6r, c6r      |                                                                                                                                                        |
 | ✔️            | Alibaba Cloud  | g8y, c8y, r8y | There is a chance of hanging at the boot logo during restart; forced reboot will resolve it.                                                           |
 | ✔️            | AWS            | T4g           |                                                                                                                                                        |
 | ✔️            | Scaleway       | COPARM1       |                                                                                                                                                        |
 | ✔️            | Gcore          |               |                                                                                                                                                        |
-| ❔            | Alibaba Cloud  | g6r, c6r, g8y, c8y, r8y | Might hanging at the boot logo during restart; forced reboot will resolve it.       |
+| ❔            | Oracle Cloud   | A1.Flex       | Installation success is not guaranteed; newer instances are more likely to succeed.<br />Manual loading of GPU drivers is required after installation. |
 | ❔            | Oracle Cloud   | A1.Flex                 | Installation success is not guaranteed; newer instances are more likely to succeed. |
 | ❌            | Google Cloud   | t2a           | Missing network card drivers                                                                                                                           |
-### Cancel the reinstallation
+<details>
- If the script was run by mistake, you can run this command to cancel the reinstallation operation.
+<summary>Loading Graphics Driver on Oracle Cloud</summary>
 - Must be run before rebooting.
-```bash
+Log in to the server using Remote Desktop, open Device Manager, locate the graphics card, select "Update Driver," and choose `Red Hat VirtIO GPU DOD controller` from the list. There's no need to download the drivers in advance.
-bash reinstall.sh reset
+
-```
+![virtio-gpu-1](https://github.com/user-attachments/assets/503e1d82-4fa9-4486-917e-73326ad7c988)
 ![virtio-gpu-2](https://github.com/user-attachments/assets/bf3a9af6-13d8-4f93-9d6c-d3b2dbddb37d)
 ![virtio-gpu-3](https://github.com/user-attachments/assets/a9006a78-838f-45bf-a556-2dba193d3c03)
 </details>
 ## Parameter Format
--- a/README.md
+++ b/README.md
@ -38,7 +38,6 @@
 - [功能 3. 一键引导到 Alpine Live OS 内存系统](#功能-3-重启到--alpine-live-os内存系统)
 - [功能 4. 一键引导到 netboot.xyz](#功能-4-重启到--netbootxyz)
 - [功能 5. 一键重装到 Windows](#功能-5-安装--windows-iso)
 - [取消重装](#取消重装)
 ## 系统要求
@ -145,7 +144,7 @@ certutil -urlcache -f -split https://cnb.cool/bin456789/reinstall/-/git/raw/main
 >
 > 此功能会清除当前系统**整个硬盘**的全部数据（包含其它分区）！
 >
-> 如果不小心运行了脚本，可以在重启前运行 `bash reinstall.sh reset` 取消重装
+> 数据无价，请三思而后行！
 - 用户名为 `root`，脚本会提示输入密码，不输入则使用随机密码
 - 安装最新版可不输入版本号
@ -182,7 +181,7 @@ bash reinstall.sh anolis      7|8|23
 - `--ssh-key KEY` 设置 SSH 登录公钥，[格式如下](#--ssh-key)。当使用公钥时，密码为空
 - `--ssh-port PORT` 修改 SSH 端口（安装期间观察日志用，也作用于新系统）
 - `--web-port PORT` 修改 Web 端口（安装期间观察日志用）
- `--frpc-config PATH` 添加 frpc 内网穿透，参数填配置文件的本地路径或 HTTP 链接
+- `--frpc-toml PATH` 添加 frpc 内网穿透，参数填本地路径或 HTTP 链接
 - `--hold 1` 仅重启到安装环境，不运行安装，用于 SSH 登录验证网络连通性
 - `--hold 2` 安装结束后不重启，用于 SSH 登录修改系统内容，Debian/Kali 会挂载在 `/target`，其它系统会挂载在 `/os`
@ -232,7 +231,7 @@ bash reinstall.sh ubuntu --installer
 >
 > 此功能会清除当前系统**整个硬盘**的全部数据（包含其它分区）！
 >
-> 如果不小心运行了脚本，可以在重启前运行 `bash reinstall.sh reset` 取消重装
+> 数据无价，请三思而后行！
 - 支持 `raw` 和固定大小的 `vhd` 镜像。未压缩或者压缩成 `.gz` `.xz` `.zst` `.tar` `.tar.gz` `.tar.xz` `.tar.zst`
 - DD Windows 镜像时，会自动扩展系统盘，静态 IP 的机器会配置好 IP，可能首次开机几分钟后才生效
@ -248,29 +247,10 @@ bash reinstall.sh dd --img "https://example.com/xxx.xz"
 - `--rdp-port PORT` 修改 RDP 端口 (仅限 DD Windows)
 - `--ssh-port PORT` 修改 SSH 端口（安装期间观察日志用）
 - `--web-port PORT` 修改 Web 端口（安装期间观察日志用）
- `--frpc-config PATH` 添加 frpc 内网穿透（仅限 DD Windows），参数填配置文件的本地路径或 HTTP 链接
+- `--frpc-toml PATH` 添加 frpc 内网穿透（仅限 DD Windows），参数填本地路径或 HTTP 链接
 - `--cloud-data PATH_OR_URL` 为 DD Linux 镜像注入 cloud-init NoCloud 配置（仅限 DD Linux）
 - `--hold 1` 仅重启到安装环境，不运行安装，用于 SSH 登录验证网络连通性
 - `--hold 2` DD 结束后不重启，用于 SSH 登录修改系统内容，Windows 系统会挂载在 `/os`，Linux 系统**不会**自动挂载
 > [!TIP]
 >
 > `--cloud-data` 参数为本地目录或 HTTP 基础 URL，目录须包含 `user-data` 文件，`meta-data`、`network-config` 可选：
 >
 > ```
 > seed/
 > ├── user-data      # 必须
 > ├── meta-data      # 可选
 > └── network-config # 可选
 > ```
 >
 > ```bash
 > # 使用本地目录
 > bash reinstall.sh dd --img "https://example.com/xxx.xz" --cloud-data /path/to/seed/
 > # 使用 HTTP 目录
 > bash reinstall.sh dd --img "https://example.com/xxx.xz" --cloud-data "https://example.com/seed/"
 > ```
 > [!TIP]
 >
 > 可通过多种方式（SSH、HTTP 80 端口、商家后台 VNC、串行控制台）查看安装进度。
@ -299,7 +279,7 @@ bash reinstall.sh alpine --hold 1
 - `--password PASSWORD` 设置密码
 - `--ssh-port PORT` 修改 SSH 端口
 - `--ssh-key KEY` 设置 SSH 登录公钥，[格式如下](#--ssh-key)。当使用公钥时，密码为空
- `--frpc-config PATH` 添加 frpc 内网穿透，参数填配置文件的本地路径或 HTTP 链接
+- `--frpc-toml PATH` 添加 frpc 内网穿透，参数填本地路径或 HTTP 链接
 ### 功能 4: 重启到 <img width="16" height="16" src="https://netboot.xyz/img/favicon.ico" /> netboot.xyz
@ -325,7 +305,7 @@ bash reinstall.sh netboot.xyz
 >
 > 此功能会清除当前系统**整个硬盘**的全部数据（包含其它分区）！
 >
-> 如果不小心运行了脚本，可以在重启前运行 `bash reinstall.sh reset` 取消重装
+> 数据无价，请三思而后行！
 - 用户名为 `administrator`，脚本会提示输入密码，不输入则使用随机密码
 - 如果远程登录失败，可以尝试使用用户名 `.\administrator`
@ -337,15 +317,15 @@ bash reinstall.sh netboot.xyz
 - Windows (Vista ~ 11)
 - Windows Server (2008 ~ 2025)
-  - Windows Server Essentials
+  - Windows Server Essentials \*
-  - Windows Server (Semi) Annual Channel
+  - Windows Server (Semi) Annual Channel \*
-  - Hyper-V Server
+  - Hyper-V Server \*
-  - Azure Local (Azure Stack HCI)
+  - Azure Local (Azure Stack HCI) \*
 #### 方法 1: 让脚本自动查找 ISO
 - 脚本会从 <https://massgrave.dev/genuine-installation-media> 查找 ISO，该网站专门提供官方 ISO 下载
- 只支持查找 Windows 10, 11, Server 2019, 2022, 2025 的 ISO
+- 上面带 \* 的系统不支持自动查找 ISO
 ```bash
 bash reinstall.sh windows \
@ -454,7 +434,7 @@ bash reinstall.sh windows \
 - `--add-driver INF_OR_DIR` 添加额外驱动，填写 .inf 路径，或者 .inf 所在的文件夹
  - 需先下载驱动到当前系统
  - 可多次设置该参数以添加不同的驱动
- `--frpc-config PATH` 添加 frpc 内网穿透，参数填配置文件的本地路径或 HTTP 链接
+- `--frpc-toml PATH` 添加 frpc 内网穿透，参数填本地路径或 HTTP 链接
 - `--hold 1` 仅重启到安装环境，不运行安装，用于 SSH 登录验证网络连通性
 - `--hold 2` 用于在进入 Windows 官方安装程序之前，SSH 登录修改 `boot.wim`、`install.wim` 或者其它内容，硬盘挂载在 `/os`
@ -465,7 +445,7 @@ bash reinstall.sh windows \
 - AWS ([ENA 网卡][aws-ena], [NVME 存储控制器][aws-nvme])
 - GCP ([gVNIC 网卡][gcp-gvnic], [GGA 显卡][gcp-gga])
 - Azure ([MANA 网卡][azure-mana])
- Intel (VMD 存储控制器: [11代酷睿][intel-vmd-gen11], [12-15代酷睿][intel-vmd-gen12-to-gen15], 网卡: [7][intel-nic-7], [8.x][intel-nic-8.1], [10][intel-nic-10], [11][intel-nic-11], [2008 R2][intel-nic-7], [2012][intel-nic-2012], [2012 R2][intel-nic-2012-r2], [2016][intel-nic-2016], [2019][intel-nic-2019], [2022][intel-nic-2022], [2025][intel-nic-2025])
+- Intel ([VMD 存储控制器][intel-vmd], 网卡: [7][intel-nic-7], [8][intel-nic-8], [8.1][intel-nic-8.1], [10][intel-nic-10], [11][intel-nic-11], [2008 R2][intel-nic-2008-r2], [2012][intel-nic-2012], [2012 R2][intel-nic-2012-r2], [2016][intel-nic-2016], [2019][intel-nic-2019], [2022][intel-nic-2022], [2025][intel-nic-2025])
 [virtio-virtio]: https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/
 [virtio-aliyun]: https://www.alibabacloud.com/help/ecs/user-guide/install-the-virtio-driver-1
@ -479,12 +459,13 @@ bash reinstall.sh windows \
 [gcp-gvnic]: https://cloud.google.com/compute/docs/networking/using-gvnic
 [gcp-gga]: https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display
 [azure-mana]: https://learn.microsoft.com/azure/virtual-network/accelerated-networking-mana-windows
-[intel-vmd-gen11]: https://www.intel.com/content/www/us/en/download/849933/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-13th-gen-platforms.html
+[intel-vmd]: https://www.intel.com/content/www/us/en/download/849936/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-15th-gen-platforms.html
 [intel-vmd-gen12-to-gen15]: https://www.intel.com/content/www/us/en/download/849936/intel-rapid-storage-technology-driver-installation-software-with-intel-optane-memory-12th-to-15th-gen-platforms.html
 [intel-nic-7]: https://www.intel.com/content/www/us/en/download/15590/intel-network-adapter-driver-for-windows-7-final-release.html
 [intel-nic-8]: https://web.archive.org/web/20250501043104/https://www.intel.com/content/www/us/en/download/16765/intel-network-adapter-driver-for-windows-8-final-release.html
 [intel-nic-8.1]: https://www.intel.com/content/www/us/en/download/17479/intel-network-adapter-driver-for-windows-8-1.html
 [intel-nic-10]: https://www.intel.com/content/www/us/en/download/18293/intel-network-adapter-driver-for-windows-10.html
 [intel-nic-11]: https://www.intel.com/content/www/us/en/download/727998/intel-network-adapter-driver-for-microsoft-windows-11.html
 [intel-nic-2008-r2]: https://web.archive.org/web/20250501002542/https://www.intel.com/content/www/us/en/download/15591/intel-network-adapter-driver-for-windows-server-2008-r2-final-release.html
 [intel-nic-2012]: https://www.intel.com/content/www/us/en/download/16789/intel-network-adapter-driver-for-windows-server-2012.html
 [intel-nic-2012-r2]: https://www.intel.com/content/www/us/en/download/17480/intel-network-adapter-driver-for-windows-server-2012-r2.html
 [intel-nic-2016]: https://www.intel.com/content/www/us/en/download/18737/intel-network-adapter-driver-for-windows-server-2016.html
@ -547,23 +528,27 @@ Windows Server 2025 SERVERDATACENTER
 安装过程可能会黑屏，串行控制台可能会显示 `ConvertPages: failed to find range`，均不影响正常安装
 | 兼容性 | 云服务商 | 实例类型      | 问题                                                                         |
-| ------ | -------- | ----------------------- | ------------------------------------------ |
+| ------ | -------- | ------------- | ---------------------------------------------------------------------------- |
 | ✔️     | Azure    | B2pts_v2      |                                                                              |
 | ✔️     | 阿里云   | g6r, c6r      |                                                                              |
 | ✔️     | 阿里云   | g8y, c8y, r8y | 有几率重启时卡开机 Logo，强制重启即可                                        |
 | ✔️     | AWS      | T4g           |                                                                              |
 | ✔️     | Scaleway | COPARM1       |                                                                              |
 | ✔️     | Gcore    |               |                                                                              |
-| ❔     | 阿里云   | g6r, c6r, g8y, c8y, r8y | 有几率重启时卡开机 Logo，强制重启即可      |
+| ❔     | 甲骨文云 | A1.Flex       | 不一定能安装成功，越新创建的实例越容易成功<br />安装后还需要手动加载显卡驱动 |
 | ❔     | 甲骨文云 | A1.Flex                 | 不一定能安装成功，越新创建的实例越容易成功 |
 | ❌     | 谷歌云   | t2a           | 缺少网卡驱动                                                                 |
-### 取消重装
+<details>
- 如果不小心运行了脚本，可以运行以下命令取消重装
+<summary>甲骨文云加载显卡驱动</summary>
 - 需要在重启前运行
-```bash
+使用远程桌面登录到服务器，打开设备管理器，找到显卡，选择更新驱动，在列表中选择 `Red Hat VirtIO GPU DOD controller` 即可。不需要提前下载驱动。
-bash reinstall.sh reset
+
-```
+![virtio-gpu-1](https://github.com/user-attachments/assets/503e1d82-4fa9-4486-917e-73326ad7c988)
 ![virtio-gpu-2](https://github.com/user-attachments/assets/bf3a9af6-13d8-4f93-9d6c-d3b2dbddb37d)
 ![virtio-gpu-3](https://github.com/user-attachments/assets/a9006a78-838f-45bf-a556-2dba193d3c03)
 </details>
 ## 参数格式
--- a/debian.cfg
+++ b/debian.cfg
@ -206,7 +206,7 @@ d-i preseed/early_command string true; \
    ssh-keygen -A; \
    run_as_service_with_screen /usr/sbin/sshd -D; \
-    if ls /configs/frpc.* >/dev/null 2>&1; then \
+    if [ -s /configs/frpc.toml ]; then \
        url=$(sh /get-frpc-url.sh linux); \
        mkdir -p /usr/local/bin; \
        mkdir -p /usr/local/etc/frpc; \
@ -217,8 +217,8 @@ d-i preseed/early_command string true; \
            sleep 5; \
        done; \
        chmod a+x /usr/local/bin/frpc; \
-        cp /configs/frpc.* /usr/local/etc/frpc/; \
+        cp /configs/frpc.toml /usr/local/etc/frpc/; \
-        run_as_service_with_screen /usr/local/bin/frpc -c /usr/local/etc/frpc/frpc.*; \
+        run_as_service_with_screen /usr/local/bin/frpc -c /usr/local/etc/frpc/frpc.toml; \
    fi; \
    if [ -d /cdrom/simple-cdd ]; then \
@ -296,11 +296,11 @@ d-i preseed/late_command string true; \
        echo "Port $ssh_port" >>/target/etc/ssh/sshd_config; \
    fi; \
-    if ls /configs/frpc.* >/dev/null 2>&1; then \
+    if [ -s /configs/frpc.toml ]; then \
        mkdir -p /target/usr/local/bin; \
        mkdir -p /target/usr/local/etc/frpc; \
        cp /usr/local/bin/frpc /target/usr/local/bin/; \
-        cp /usr/local/etc/frpc/frpc.* /target/usr/local/etc/frpc/; \
+        cp /usr/local/etc/frpc/frpc.toml /target/usr/local/etc/frpc/; \
        chmod a+x /target/usr/local/bin/frpc; \
        cp /frpc.service /target/etc/systemd/system/; \
        in-target systemctl enable frpc; \
--- a/frpc.service
+++ b/frpc.service
@ -10,8 +10,8 @@ Type=simple
 User=nobody
 Restart=on-failure
 RestartSec=5s
-ExecStart=/usr/local/bin/frpc -c /usr/local/etc/frpc/frpc.conf
+ExecStart=/usr/local/bin/frpc -c /usr/local/etc/frpc/frpc.toml
-ExecReload=/usr/local/bin/frpc reload -c /usr/local/etc/frpc/frpc.conf
+ExecReload=/usr/local/bin/frpc reload -c /usr/local/etc/frpc/frpc.toml
 [Install]
 WantedBy=multi-user.target
--- a/get-frpc-url.sh
+++ b/get-frpc-url.sh
@ -17,41 +17,14 @@ get_frpc_url() {
    # 传入 windows 或者 linux
    local os_type=$1
    local nt_ver=$2
    local os_bit=${3:-64}
    get_old_version() {
        # 脚本不支持安装 32 位 linux 系统，因此不用管
        if [ "$os_type" = windows ]; then
            # 最早支持 toml 的版本是 0.52.0
            # 最后支持 vista 的版本是 0.29.0
            # 最后支持 32 位的版本是 0.51.3
            # 最后支持 win7 的版本是 0.54.0
            case "$os_bit" in
            32)
                case "$nt_ver" in
                6.0) echo 0.29.0 ;; # vista
                *) echo 0.51.3 ;;   # win7+
                esac
                ;;
            64)
                case "$nt_ver" in
                6.0) echo 0.29.0 ;; # vista
                6.1) echo 0.54.0 ;; # win7
                # 目前最新版本 v0.66.0 依然可以在 win8 上运行
                esac
                ;;
            esac
        fi
    }
    is_need_old_version() {
-        [ -n "$(get_old_version)" ]
+        [ "$nt_ver" = "6.0" ] || [ "$nt_ver" = "6.1" ]
    }
    version=$(
        if is_need_old_version; then
-            get_old_version
+            echo 0.54.0
        else
            # debian 11 initrd 没有 xargs awk
            # debian 12 initrd 没有 xargs
@ -73,7 +46,7 @@ get_frpc_url() {
    )
    if [ -z "$version" ]; then
-        echo 'cannot find version' >&2
+        echo 'cannot find version'
        return 1
    fi
@ -91,7 +64,7 @@ get_frpc_url() {
        # jsdelivr 不支持 github releases 文件
        if is_ipv6_only; then
            if is_need_old_version; then
-                echo 'NOT_SUPPORT' >&2
+                echo 'NOT_SUPPORT'
                return 1
            else
                echo https://mirrors.nju.edu.cn/github-release/fatedier/frp
@ -111,12 +84,7 @@ get_frpc_url() {
    arch=$(
        case "$(uname -m)" in
-        x86_64)
+        x86_64) echo amd64 ;;
            case "$os_bit" in
            32) echo 386 ;;
            64) echo amd64 ;;
            esac
            ;;
        aarch64) echo arm64 ;;
        esac
    )
--- a/initrd-network.sh
+++ b/initrd-network.sh
@ -11,7 +11,6 @@ ipv4_gateway=$3
 ipv6_addr=$4
 ipv6_gateway=$5
 is_in_china=$6
 ipv6_extra_addrs=$7
 DHCP_TIMEOUT=15
 DNS_FILE_TIMEOUT=5
@ -172,15 +171,6 @@ add_missing_ipv6_config() {
                ip -6 route add default via "$ipv6_gateway" dev "$ethx" onlink
            fi
        fi
        # 添加额外的 IPv6 地址（逗号分隔）
        if [ -n "$ipv6_extra_addrs" ]; then
            printf '%s\n' "$ipv6_extra_addrs" | tr ',' '\n' | while IFS= read -r addr; do
                if [ -n "$addr" ]; then
                    ip -6 addr add "$addr" dev "$ethx" 2>/dev/null || true
                fi
            done
        fi
    fi
 }
@ -355,14 +345,14 @@ EOF
    db_progress INFO netcfg/link_detect_progress
 else
    # alpine
-    # h3c 移动云电脑使用 udhcpc 会重复提示 sending select，因此添加 timeout 强制结束进程
+    # h3c 移动云电脑使用 udhcpc 会重复提示 sending select，无法获得 ipv6
    # dhcpcd 会配置租约时间，过期会移除 IP，但我们的没有在后台运行 dhcpcd ，因此用 udhcpc
    method=udhcpc
    case "$method" in
    udhcpc)
-        timeout $DHCP_TIMEOUT udhcpc -i "$ethx" -f -q -n || true
+        udhcpc -i "$ethx" -f -q -n || true
-        timeout $DHCP_TIMEOUT udhcpc6 -i "$ethx" -f -q -n || true
+        udhcpc6 -i "$ethx" -f -q -n || true
        sleep $DNS_FILE_TIMEOUT # 好像不用等待写入 dns，但是以防万一
        ;;
    dhcpcd)
@ -516,6 +506,5 @@ echo "$ipv4_addr" >"$netconf/ipv4_addr"
 echo "$ipv4_gateway" >"$netconf/ipv4_gateway"
 echo "$ipv6_addr" >"$netconf/ipv6_addr"
 echo "$ipv6_gateway" >"$netconf/ipv6_gateway"
 echo "$ipv6_extra_addrs" >"$netconf/ipv6_extra_addrs"
 $ipv4_has_internet && echo 1 >"$netconf/ipv4_has_internet" || echo 0 >"$netconf/ipv4_has_internet"
 $ipv6_has_internet && echo 1 >"$netconf/ipv6_has_internet" || echo 0 >"$netconf/ipv6_has_internet"
--- a/reinstall.sh
+++ b/reinstall.sh
--- a/trans.sh
+++ b/trans.sh
@ -414,31 +414,23 @@ extract_env_from_cmdline() {
 }
 ensure_service_started() {
-    local service=$1
+    service=$1
-    if ! rc-service -q "$service" start; then
+    if ! rc-service -q $service status; then
-        for i in $(seq 10); do
+        if ! retry 5 rc-service -q $service start; then
            if [ "$service" = modloop ]; then
                # 避免有时 modloop 下载不完整导致报错
                # * Failed to verify signature of !
                # mount: mounting /dev/loop0 on /.modloop failed: Invalid argument
                rm -f /lib/modloop-lts /lib/modloop-virt
            fi
            if rc-service -q "$service" start; then
                return
            fi
            sleep 5
        done
            error_and_exit "Failed to start $service."
        fi
    fi
 }
 ensure_service_stopped() {
-    local service=$1
+    service=$1
-    if ! retry 10 5 rc-service -q "$service" stop; then
+    if rc-service -q $service status; then
        if ! retry 5 rc-service -q $service stop; then
            error_and_exit "Failed to stop $service."
        fi
    fi
 }
 mod_motd() {
@ -779,52 +771,16 @@ is_windows_support_rdnss() {
 get_windows_version_from_windows_drive() {
    local os_dir=$1
-    # https://wiki.tcl-lang.org/page/Windows+OS+name
+    apk add hivex pev
-    # https://nsis.sourceforge.io/Get_Windows_version
+    ntoskrnl_exe=$(find_file_ignore_case $os_dir/Windows/System32/ntoskrnl.exe)
    # win10+ 才有 CurrentMajorVersionNumber 和 CurrentMinorVersionNumber
    # CurrentVersion            6.3
    # CurrentMajorVersionNumber  10
    # CurrentMinorVersionNumber   0
    apk add hivex
    hive=$(find_file_ignore_case $os_dir/Windows/System32/config/SOFTWARE)
-
+    IFS=. read -r nt_ver_major nt_ver_minor _ rev_ver _ \
-    get_current_version_key() {
+        < <(peres -v "$ntoskrnl_exe" | grep 'Product Version:' | awk '{print $NF}')
        hivexget "$hive" "Microsoft\Windows NT\CurrentVersion" "$1"
    }
    # nt_ver
    if { nt_ver_major=$(get_current_version_key CurrentMajorVersionNumber) &&
        nt_ver_minor=$(get_current_version_key CurrentMinorVersionNumber); } 2>/dev/null; then
    nt_ver="$nt_ver_major.$nt_ver_minor"
    else
        # en_windows_vista_sp2_x64_dvd_342267.iso
        # 安装前 CurrentVersion 是 6.0
        # 安装后 CurrentVersion 是 6.0
        # en_windows_vista_sp2_with_update_6003.23713_aio_7in1_x64_v26.01.13_by_adguard.iso
        # 安装前 CurrentVersion 是 6.0.6002.18005
        # 安装后 CurrentVersion 是 6.0
        # 添加 cut 用于兼容这两种情况
        nt_ver=$(get_current_version_key CurrentVersion | cut -d. -f1-2)
    fi
    # build_ver
    # win10 22h2 19045 的 exe/dll 版本还是 19041 的，因此要从注册表获取
-    # vista sp2 iso 安装 KB4474419 后, CurrentBuild 是 6002, CurrentBuildNumber 是 6003
+    build_ver=$(hivexget $hive 'Microsoft\Windows NT\CurrentVersion' CurrentBuildNumber)
-    build_ver=$(get_current_version_key CurrentBuildNumber)
+    echo "Version: $nt_ver_major.$nt_ver_minor.$build_ver.$rev_ver" >&2
-
+    apk del hivex pev
    # rev_ver
    # 实测 win10 winver 是从 UBR 读取 revision 版本
    # vista sp2 iso 没有 UBR，后期有月度汇总更新包时才有 UBR
    if ! rev_ver=$(get_current_version_key UBR 2>/dev/null); then
        rev_ver=$(get_current_version_key BuildLabEx | cut -d. -f2)
    fi
    echo "Version: $nt_ver.$build_ver.$rev_ver" >&2
    apk del hivex
 }
 is_elts() {
@ -1157,17 +1113,6 @@ EOF
    post-up ip route add default via $ipv6_gateway dev $ethx
 EOF
            fi
            # 额外的 IPv6 地址（子网不含网关的地址）
            get_netconf_to ipv6_extra_addrs
            if [ -n "$ipv6_extra_addrs" ]; then
                (
                    IFS=','
                    for _addr in $ipv6_extra_addrs; do
                        echo "    post-up ip -6 addr add $_addr dev $ethx" >>$conf_file
                    done
                )
            fi
        fi
        # dns
@ -1540,12 +1485,12 @@ install_alpine() {
    chroot /os rc-update add fix-eth-name boot
    # 安装 frpc
-    if ls /configs/frpc.* >/dev/null 2>&1; then
+    if [ -s /configs/frpc.toml ]; then
        chroot /os apk add frp
        # chroot rc-update add 默认添加到 sysinit
        # 但不加 chroot 默认添加到 default
        chroot /os rc-update add frpc boot
-        cp -f /configs/frpc.* /os/etc/frp/
+        cp /configs/frpc.toml /os/etc/frp/frpc.toml
    fi
    # setup-disk 会自动选择固件，但不包括微码？
@ -1771,40 +1716,19 @@ $(del_comment_lines </configs/ssh_keys | del_empty_lines | quote_line | add_spac
        nix_ssh_ports="services.openssh.ports = [ $ssh_port ];"
    fi
-    if ls /configs/frpc.* >/dev/null 2>&1; then
+    # 虽然是原始 frpc.toml (string) 转成 toml 类型，再转成最终使用的 frpc.toml (string)
    # 但是可以避免原始 frpc.toml 有错误导致失联
    if [ -s /configs/frpc.toml ]; then
        nix_frpc=$(
            if false; then
                # 原始 frpc.toml 转 toml 对象 ，再转成最终使用的 frpc.toml
                # 可以避免原始 frpc.toml 有错误导致失联
                # 但是 frpc 配置还支持 ini json yaml
                # 因此不使用这个方法
            cat <<EOF
 services.frp = {
  enable = true;
  role = "client";
  settings = builtins.fromTOML ''
-$(cat /configs/frpc.* | add_space 4)
+$(del_comment_lines </configs/frpc.toml | add_space 4)
  '';
 };
 EOF
            else
                # 直接使用原始文件
                (
                    umask 077
                    cp /configs/frpc.* /os/etc/nixos/
                )
                ext=$(basename /configs/frpc.* | awk -F. '{print $NF}')
                cat <<EOF
 services.frp = {
  enable = true;
  role = "client";
 };
 systemd.services.frp.serviceConfig = {
  LoadCredential = "frpc.$ext:/etc/nixos/frpc.$ext";
  ExecStart = lib.mkForce "\${pkgs.frp}/bin/frpc -c \\\${CREDENTIALS_DIRECTORY}/frpc.$ext";
 };
 EOF
            fi
        )
    fi
@ -1937,7 +1861,7 @@ get_frpc_url() {
 add_frpc_systemd_service_if_need() {
    local os_dir=$1
-    if ls /configs/frpc.* >/dev/null 2>&1; then
+    if [ -s /configs/frpc.toml ]; then
        mkdir -p "$os_dir/usr/local/bin"
        mkdir -p "$os_dir/usr/local/etc/frpc"
@ -1953,7 +1877,7 @@ add_frpc_systemd_service_if_need() {
        chmod a+x "$os_dir/usr/local/bin/frpc"
        # frpc conf
-        cp -f /configs/frpc.* "$os_dir/usr/local/etc/frpc/"
+        cp /configs/frpc.toml "$os_dir/usr/local/etc/frpc/frpc.toml"
        # 添加服务
        add_systemd_service "$os_dir" frpc
@ -2178,26 +2102,7 @@ sync-uri = $mirror_long/binpackages/$profile_ver/$binpkg_type
 EOF
        # 下载公钥
-
+        chroot $os_dir getuto
        # getuto 会判断是否有 ${TERM} 且 ${TERM} 不是 dumb
        # 符合条件则 source /lib/gentoo/functions.sh 导入 ebegin 等方法
        # 不符合条件则自行创建 ebegin 等方法
        # /lib/gentoo/functions.sh 会判断是否有 ${RC_OPENRC_PID}
        # 有的话就不会导入 /functions/openrc.sh，也就不会导入 ebegin 方法
        # 在 ssh 里运行 /trans.sh 时，没有 ${RC_OPENRC_PID}，${TERM} 是 xterm
        # 因此 chroot $os_dir getuto 时不会报错
        # 在 locald 里运行 /trans.sh 时，有 ${RC_OPENRC_PID}，${TERM} 是 linux
        # 因此 chroot $os_dir getuto 时会报错说 ebegin: command not found
        # 有两个解决方法
        if true; then
            TERM=dumb chroot $os_dir getuto
        else
            env -u RC_OPENRC_PID chroot $os_dir getuto
        fi
        set_locale
@ -2526,7 +2431,7 @@ get_disk_logic_sector_size() {
 }
 is_4kn() {
-    [ "$(blockdev --getss "/dev/$xda")" = 4096 ]
+    [ "$(blockdev --getss "$1")" = 4096 ]
 }
 is_xda_gt_2t() {
@ -3114,23 +3019,24 @@ modify_windows() {
    done
    # 5 frp
-    if ls /configs/frpc.* >/dev/null 2>&1; then
+    if [ -s /configs/frpc.toml ]; then
-        if [ "$(get_windows_arch_from_windows_drive "$os_dir" | to_lower)" = x86 ]; then
+        # 好像 win7 无法运行 frpc，暂时不管
-            os_bit=32
+        windows_arch=$(get_windows_arch_from_windows_drive "$os_dir" | to_lower)
-        else
+        if [ "$windows_arch" = amd64 ] || [ "$windows_arch" = arm64 ]; then
            os_bit=64
        fi
            mkdir -p "$os_dir/frpc/"
-        url=$(get_frpc_url windows "$nt_ver" "$os_bit")
+            url=$(get_frpc_url windows "$nt_ver")
            download "$url" $os_dir/frpc/frpc.zip
            # -j 去除文件夹
            # -C 筛选文件时不区分大小写，但 busybox zip 不支持
            unzip -o -j "$os_dir/frpc/frpc.zip" '*/frpc.exe' -d "$os_dir/frpc/"
            rm -f "$os_dir/frpc/frpc.zip"
-        cp -f /configs/frpc.* "$os_dir/frpc/"
+            cp -f /configs/frpc.toml "$os_dir/frpc/frpc.toml"
            download "$confhome/windows-frpc.xml" "$os_dir/frpc/frpc.xml"
            download "$confhome/windows-frpc.bat" "$os_dir/frpc/frpc.bat"
            bats="$bats frpc\frpc.bat"
        else
            warn "$windows_arch Not Support frpc"
        fi
    fi
    if $use_gpo; then
@ -3545,8 +3451,8 @@ EOF
            wget https://deb.freexian.com/extended-lts/archive-key.gpg \
                -O $os_dir/etc/apt/trusted.gpg.d/freexian-archive-extended-lts.gpg
-            # shellcheck disable=SC1091
+            codename=$(grep '^VERSION_CODENAME=' $os_dir/etc/os-release | cut -d= -f2)
-            codename=$({ . "$os_dir/etc/os-release" && echo "$VERSION_CODENAME"; })
+            # shellcheck disable=SC2154
            if [ -f $os_dir/etc/apt/sources.list.d/debian.sources ]; then
                cat <<EOF >$os_dir/etc/apt/sources.list.d/debian.sources
 Types: deb
@ -3582,8 +3488,10 @@ EOF
            ! sh /can_use_cloud_kernel.sh "$xda" $(get_eths); then
            kernel_package=$(echo "$kernel_package" | sed 's/-cloud//')
        fi
-
+        # 如果镜像自带内核跟最佳内核是同一种且有更新
-        # 该方法包含了 apt-mark manual
+        # 则 apt install 只会进行更新，不会将包设置成 manual
        # 需要再运行 apt install 才会将包设置成 manual
        chroot_apt_install $os_dir "$kernel_package"
        chroot_apt_install $os_dir "$kernel_package"
        # 使用 autoremove 删除非最佳内核
@ -3879,40 +3787,14 @@ EOF
    rm -f $os_dir/swapfile
 }
 setup_nocloud() {
    os_dir=$1
    info "Setup NoCloud"
    # 1. 配置 NoCloud-only datasource
    mkdir -p "$os_dir/etc/cloud/cloud.cfg.d"
    cat >"$os_dir/etc/cloud/cloud.cfg.d/99-datasource.cfg" <<'EOF'
 datasource_list: [ NoCloud, None ]
 datasource:
  NoCloud:
    seedfrom: /var/lib/cloud/seed/nocloud/
    fs_label: null
 EOF
    # 2. 复制 seed 文件（已在 host 上准备好，打包在 initrd 中）
    mkdir -p "$os_dir/var/lib/cloud/seed/nocloud"
    cp /configs/cloud-data/* "$os_dir/var/lib/cloud/seed/nocloud/"
    # 3. 确保 cloud-init 没有被禁用
    rm -f "$os_dir/etc/cloud/cloud-init.disabled"
    # 4. 清除 cloud-init 旧状态，确保首次启动重新执行
    rm -rf "$os_dir/var/lib/cloud/instance"
    rm -rf "$os_dir/var/lib/cloud/instances"
 }
 modify_os_on_disk() {
    only_process=$1
    info "Modify disk if is $only_process"
    update_part
-    # dd linux 的时候不用修改硬盘内容（nocloud 模式除外）
+    # dd linux 的时候不用修改硬盘内容
-    if [ "$distro" = "dd" ] && [ "$only_process" != "nocloud" ] && ! lsblk -f /dev/$xda | grep ntfs; then
+    if [ "$distro" = "dd" ] && ! lsblk -f /dev/$xda | grep ntfs; then
        return
    fi
@ -3922,16 +3804,12 @@ modify_os_on_disk() {
        # btrfs挂载的是默认子卷，如果没有默认子卷，挂载的是根目录
        # fedora 云镜像没有默认子卷，且系统在root子卷中
        if mount -o ro /dev/$part /os; then
-            if [ "$only_process" = linux ] || [ "$only_process" = nocloud ]; then
+            if [ "$only_process" = linux ]; then
                if etc_dir=$({ ls -d /os/etc/ || ls -d /os/*/etc/; } 2>/dev/null); then
                    os_dir=$(dirname $etc_dir)
                    # 重新挂载为读写
                    mount -o remount,rw /os
                    if [ "$only_process" = nocloud ]; then
                        setup_nocloud $os_dir
                    else
                    modify_linux $os_dir
                    fi
                    return
                fi
            elif [ "$only_process" = windows ]; then
@ -4314,7 +4192,7 @@ chroot_dnf() {
 }
 chroot_apt_update() {
-    local os_dir=$1
+    os_dir=$1
    current_hash=$(cat $os_dir/etc/apt/sources.list $os_dir/etc/apt/sources.list.d/*.sources 2>/dev/null | md5sum)
    if ! [ "$saved_hash" = "$current_hash" ]; then
@ -4324,30 +4202,15 @@ chroot_apt_update() {
 }
 chroot_apt_install() {
-    local os_dir=$1
+    os_dir=$1
    shift
    # 只安装未安装的软件包
    # 避免更新浪费时间
    local pkg='' pkgs=''
    for pkg in "$@"; do
        if chroot $os_dir dpkg -s "$pkg" >/dev/null 2>&1; then
            # 如果已安装则标记为 manual，防止被 autoremove 删除
            chroot $os_dir apt-mark manual "$pkg"
        else
            pkgs="$pkgs $pkg"
        fi
    done
    # 一次性安装，避免多次 update-initramfs
    if [ -n "$pkgs" ]; then
    chroot_apt_update $os_dir
-        DEBIAN_FRONTEND=noninteractive chroot $os_dir apt-get install -y $pkgs
+    DEBIAN_FRONTEND=noninteractive chroot $os_dir apt-get install -y "$@"
    fi
 }
 chroot_apt_remove() {
-    local os_dir=$1
+    os_dir=$1
    shift
    # minimal 镜像 删除 grub-pc 时会安装 grub-efi-amd64
@ -4370,7 +4233,7 @@ chroot_apt_remove() {
 }
 chroot_apt_autoremove() {
-    local os_dir=$1
+    os_dir=$1
    change_confs() {
        action=$1
@ -4504,6 +4367,12 @@ install_fnos() {
    # 挂载 proc sys dev
    mount_pseudo_fs /os
    # 更新 initrd，官方安装器也有这一步
    # 理论上要设置 1777 权限，但飞牛官方安装器安装后不是
    mkdir -p $os_dir/var/tmp
    chmod 1777 $os_dir/var/tmp
    chroot $os_dir update-initramfs -u
    # 更改密码
    if is_need_set_ssh_keys; then
        set_ssh_keys_and_del_password $os_dir
@ -4517,31 +4386,6 @@ install_fnos() {
        chroot $os_dir systemctl enable ssh
    fi
    # fstab
    {
        # /
        uuid=$(lsblk /dev/$xda*2 -no UUID)
        echo "$fstab_line_os" | sed "s/%s/$uuid/"
        # swapfile
        # 官方安装器即使 swapfile 设为 0 也会有这行
        echo "$fstab_line_swapfile"
        # /boot/efi
        if is_efi; then
            uuid=$(lsblk /dev/$xda*1 -no UUID)
            echo "$fstab_line_efi" | sed "s/%s/$uuid/"
        fi
    } >$os_dir/etc/fstab
    # 更新 initrd，官方安装器也有这一步
    # 理论上 /var/tmp 要设置 1777 权限，但飞牛官方安装器安装后不是
    # 需要先创建 /etc/fstab ，否则会有以下警告
    # W: Couldn't identify type of root file system for fsck hook
    mkdir -p $os_dir/var/tmp
    chmod 1777 $os_dir/var/tmp
    chroot $os_dir update-initramfs -u
    # grub
    if is_efi; then
        chroot $os_dir grub-install --efi-directory=/boot/efi
@ -4560,6 +4404,23 @@ install_fnos() {
    chroot $os_dir update-grub
    # fstab
    {
        # /
        uuid=$(lsblk /dev/$xda*2 -no UUID)
        echo "$fstab_line_os" | sed "s/%s/$uuid/"
        # swapfile
        # 官方安装器即使 swapfile 设为 0 也会有这行
        echo "$fstab_line_swapfile"
        # /boot/efi
        if is_efi; then
            uuid=$(lsblk /dev/$xda*1 -no UUID)
            echo "$fstab_line_efi" | sed "s/%s/$uuid/"
        fi
    } >$os_dir/etc/fstab
    # 网卡配置
    create_cloud_init_network_config /net.cfg
    create_network_manager_config /net.cfg $os_dir
@ -4919,13 +4780,10 @@ EOF
        # 安装最佳内核
        flavor=$(get_ubuntu_kernel_flavor)
        echo "Use kernel flavor: $flavor"
-
+        # 如果镜像自带内核跟最佳内核是同一种且有更新
-        # 题外话
+        # 则 apt install 只会进行更新，不会将包设置成 manual
-        # 如果某个包是 auto 状态且有更新
+        # 需要再运行 apt install 才会将包设置成 manual
-        # 则 apt install PKG 只会进行更新，不会将包设置成 manual
+        chroot_apt_install $os_dir "linux-image-$flavor"
        # 需要再次运行 apt install PKG 才会将包设置成 manual
        # 该方法包含了 apt-mark manual
        chroot_apt_install $os_dir "linux-image-$flavor"
        # 使用 autoremove 删除多余内核
@ -5733,8 +5591,8 @@ get_windows_type_from_windows_drive() {
    apk add hivex
    software_hive=$(find_file_ignore_case $os_dir/Windows/System32/config/SOFTWARE)
    system_hive=$(find_file_ignore_case $os_dir/Windows/System32/config/SYSTEM)
-    installation_type=$(hivexget $software_hive '\Microsoft\Windows NT\CurrentVersion' InstallationType 2>/dev/null || true)
+    installation_type=$(hivexget $software_hive '\Microsoft\Windows NT\CurrentVersion' InstallationType || true)
-    product_type=$(hivexget $system_hive '\ControlSet001\Control\ProductOptions' ProductType 2>/dev/null || true)
+    product_type=$(hivexget $system_hive '\ControlSet001\Control\ProductOptions' ProductType || true)
    apk del hivex
    # 根据 win11 multi-session 的情况
@ -5798,25 +5656,13 @@ install_windows() {
    # 一般镜像是 install.wim
    # en_server_install_disc_windows_home_server_2011_x64_dvd_658487.iso 是 Install.wim
    # en_windows_vista_sp2_with_update_6003.23713_aio_7in1_x64_v26.01.13_by_adguard.iso 是 swm
    source_install_wim=$(
        cd /iso
-        {
+        { find_file_ignore_case sources/install.wim ||
-            find_file_ignore_case sources/install.wim ||
+            find_file_ignore_case sources/install.esd; } 2>/dev/null ||
-                find_file_ignore_case sources/install.esd ||
+            error_and_exit "can't find install.wim or install.esd"
                find_file_ignore_case sources/install.swm
        } 2>/dev/null || error_and_exit "can't find install.wim, install.esd or install.swm"
    )
    is_swm=false
    if [[ $(echo "$source_install_wim" | to_lower) = '*.swm' ]]; then
        is_swm=true
        swm_ref=$(
            IFS=. read -r name ext < <(basename "$source_install_wim")
            echo "$name*.$ext"
        )
    fi
    # 防止用了不兼容架构的 iso
    boot_index=$(get_wim_prop "/iso/$sources_boot_wim" 'Boot Index')
    arch_wim=$(get_image_prop "/iso/$sources_boot_wim" "$boot_index" 'Architecture' | to_lower)
@ -5852,7 +5698,7 @@ install_windows() {
        while true; do
            # 匹配成功
            # 改成正确的大小写
-            if matched_image_name=$(printf '%s\n' "$all_image_names" | grep -Fix "$image_name"); then
+            if matched_image_name=$(echo "$all_image_names" | grep -ix "$image_name"); then
                image_name=$matched_image_name
                image_index=$(wiminfo "$iso_install_wim" "$image_name" | grep 'Index:' | awk '{print $NF}')
                break
@ -5922,15 +5768,27 @@ install_windows() {
    # 2. 是否自带 nvme 驱动
    # 3. 是否支持 sha256
    # 4. Installation Type
-    # shellcheck disable=SC2046
+    wimmount "$iso_install_wim" "$image_index" /wim/
    wimmount "$iso_install_wim" "$image_index" /wim/ \
        $($is_swm && echo --ref=$(dirname "$iso_install_wim")/$swm_ref)
    # 获取版本号
    get_windows_version_from_windows_drive /wim
    # 检测 client/server，并转换成标准版 windows 名称
    windows_type=$(get_windows_type_from_windows_drive /wim)
    {
        find_file_ignore_case /wim/Windows/System32/sacsess.exe && has_sac=true || has_sac=false
        find_file_ignore_case /wim/Windows/INF/stornvme.inf && has_stornvme=true || has_stornvme=false
    } >/dev/null 2>&1
    wimunmount /wim/
    # https://www.hummingheads.co.jp/press/info-certificates.html
    # https://support.microsoft.com/kb/KB3033929
    # https://support.microsoft.com/kb/KB4474419
    # Windows Vista SP2 ldr_escrow   6.0.6003 + KB4474419
    # Windows 7     SP1              6.1.7601 + KB3033929
    support_sha256=false
    if is_nt_ver_ge 6.2 ||
        { [ "$nt_ver" = 6.1 ] && [ "$build_ver" -ge 7601 ] && [ "$rev_ver" -ge 18741 ]; } ||
        { [ "$nt_ver" = 6.0 ] && [ "$build_ver" -ge 6003 ] && [ "$rev_ver" -ge 20555 ]; }; then
        support_sha256=true
    fi
    product_ver=$(
        case "$windows_type" in
        client) get_client_name_by_build_ver "$build_ver" ;;
@ -5938,113 +5796,16 @@ install_windows() {
        esac
    )
    # 检测 sac 和 nvme
    {
        find_file_ignore_case /wim/Windows/System32/sacsess.exe && has_sac=true || has_sac=false
        find_file_ignore_case /wim/Windows/INF/stornvme.inf && has_stornvme=true || has_stornvme=false
    } >/dev/null 2>&1
    # 检测是否支持 sha256 签名的驱动
    support_sha256=false
    if is_nt_ver_ge 6.2; then
        support_sha256=true
    else
        # 安装环境下 drvload.exe 不会验证签名，能安装 sha256 的驱动
        # 但重启后提示 Windows cannot verify the digital signature for this file.
        # winload.exe/efi 有这串字符
        # Windows cannot verify the digital signature for this file.
        # strings -e l winload.exe | grep -i signature
        # strings -e l winload.efi | grep -i signature
        # 硬盘控制器驱动是 boot-start 驱动，由 winload.exe/efi 验证签名
        # 网卡驱动不是 boot-start 驱动，由 ci.dll 验证签名
        # win7 sp1 iso 不支持 sha256 的驱动，但是
        # ci.dll      能找到 8+64 个常量和 oid 0609608648016503040201 0102040365014886600906
        # winload.exe 能找到 8+64 个常量和 oid 0609608648016503040201 0102040365014886600906
        # winload.efi 能找到 8+64 个常量和 oid     608648016503040201
        # 官网有提到 KB3033929 和 KB4039648, 应该分别是 2008r2 和 2008 最早支持 sha256 的补丁
        # https://support.microsoft.com/kb/4472027#:~:text=KB3033929%20%E5%92%8C%20KB4039648
        # https://support.drweb.cn/sha2
        # https://support.kaspersky.com/common/compatibility/15761
        # https://www.internetdownloadmanager.com/register/new_faq/sha256-support-for-outdated-versions-of-Windows.html
        # https://www.catalog.update.microsoft.com/
        # vista sp2 iso
        # 用 KB4039648 和 KB4090450 做测试，独立安装时，注册表没有发现另一个 KB 的痕迹
        # 后续很多补丁如果包含 winload.exe/efi，都是支持 sha256 的新版，因此不能通过检测 KB 编号来判断
        # HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Package
        # HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect
        # vista sp2 iso 独立安装以下补丁时
        # 补丁          发布日期   BuildLabEx          ubr    winload.exe   winload.efi   ci.dll
        # KB4039648 旧  2018/2/21  6002.18005(没改变)  没有   6002.24259    6002.24283    6002.24259
        # KB4039648 新  2018/3/22  6002.18005(没改变)  没有   6002.24259    6002.24298    6002.24259
        # KB4039648-v2  2018/6/12  6002.24381          没有   6002.24362    6002.24381    6002.24259
        # KB4474419-v4  2019/10/8  6003.20555          没有   6003.20505    6003.20555    6003.20593
        # win7 sp1 iso 独立安装以下补丁时
        # KB3033929     2015/3/10  7601.18741          没有   18649/22854  18741/22948    18519/22730
        # KB4474419-v3  2019/9/10  7601.24384          没有         24149        24384          24158
        # 最早的 KB4039648 KB3033929 都支持 sha256
        # winload.exe/efi 版本号 >= ci.dll
        # 因此用 winload.exe/efi 的版本号来判断是否支持 sha256
        apk add pev
        local maj min build rev
        winload=$(find_file_ignore_case "/wim/Windows/System32/winload.$(is_efi && echo efi || echo exe)")
        IFS=. read -r maj min build rev \
            < <(peres -v "$winload" | grep 'Product Version:' | awk '{print $NF}')
        apk del pev
        # vista/2008
        # https://support.microsoft.com/kb/KB4039648
        # https://catalog.update.microsoft.com/Search.aspx?q=KB4039648
        # win7/2008r2 网页有列出文件版本号
        # https://support.microsoft.com/kb/KB3033929
        # https://catalog.update.microsoft.com/Search.aspx?q=KB3033929
        # rev 1xxxx 是 GDR 分支
        # rev 2xxxx 是 LDR 分支
        # vista/2008 版本从 6002 到 6003, rev 减少 4000
        # https://support.microsoft.com/topic/1335e4d4-c155-52eb-4a45-b85bd1909ca8
        if is_efi; then
            if { [ "$maj.$min" = 6.1 ] && [ "$build" -eq 7601 ] && [ "$rev" -ge 22948 ]; } ||
                { [ "$maj.$min" = 6.1 ] && [ "$build" -eq 7601 ] && [ "$rev" -ge 18741 ] && [ "$rev" -lt 20000 ]; } ||
                { [ "$maj.$min" = 6.0 ] && [ "$build" -eq 6003 ] && [ "$rev" -ge 20283 ]; } ||
                { [ "$maj.$min" = 6.0 ] && [ "$build" -eq 6002 ] && [ "$rev" -ge 24283 ]; }; then
                support_sha256=true
            fi
        else
            if { [ "$maj.$min" = 6.1 ] && [ "$build" -eq 7601 ] && [ "$rev" -ge 22854 ]; } ||
                { [ "$maj.$min" = 6.1 ] && [ "$build" -eq 7601 ] && [ "$rev" -ge 18649 ] && [ "$rev" -lt 20000 ]; } ||
                { [ "$maj.$min" = 6.0 ] && [ "$build" -eq 6003 ] && [ "$rev" -ge 20259 ]; } ||
                { [ "$maj.$min" = 6.0 ] && [ "$build" -eq 6002 ] && [ "$rev" -ge 24259 ]; }; then
                support_sha256=true
            fi
        fi
    fi
    wimunmount /wim/
    info "Selected image info"
    echo "Image Name: $image_name"
    echo "Product Version: $product_ver"
    echo "Windows Type: $windows_type"
    echo "NT Version: $nt_ver"
    echo "Build Version: $build_ver"
    echo "Revision Version: $rev_ver"
    echo "-------------------------"
    echo "Has SAC: $has_sac"
    echo "Has StorNVMe: $has_stornvme"
    echo "Support SHA256: $support_sha256"
    echo "-------------------------"
    echo
    # 复制 boot.wim 到 /os，用于临时编辑
@ -6063,14 +5824,13 @@ install_windows() {
        boot_dir=/os
    fi
-    # 复制 iso 根目录 boot 开头的文件
+    # 复制启动相关的文件
    # efi 额外复制efi目录
    echo 'Copying boot files...'
-    find /iso -maxdepth 1 -iname 'boot*' -exec cp -r {} "$boot_dir" \;
+    cp -r "$(get_path_in_correct_case /iso/boot)"* $boot_dir
    # efi 额外复制 iso 根目录 efi 文件夹
    if is_efi; then
        echo 'Copying efi files...'
-        find /iso -maxdepth 1 -type d -iname efi -exec cp -r {} "$boot_dir" \;
+        cp -r "$(get_path_in_correct_case /iso/efi)" $boot_dir
    fi
    # 复制iso全部文件(除了boot.wim)到installer分区
@ -6081,7 +5841,6 @@ install_windows() {
            --exclude=/sources/boot.wim \
            --exclude=/sources/install.wim \
            --exclude=/sources/install.esd \
            --exclude='/sources/install*.swm' \
            /iso/* /os/installer/
    else
        (
@ -6090,27 +5849,16 @@ install_windows() {
                -not -iname boot.wim \
                -not -iname install.wim \
                -not -iname install.esd \
                -not -iname 'install*.swm' \
                -exec cp -r --parents {} /os/installer/ \;
        )
    fi
    # 如果是 swm，要先合并成 wim 才能编辑
    if $is_swm; then
        install_wim=$(echo "$install_wim" | sed 's/\.swm$/.wim/i')
        # 防止不格盘二次运行时报错：文件已存在
        rm -f "$install_wim"
        wimexport --ref="$(dirname "$iso_install_wim")/$swm_ref" "$iso_install_wim" "$image_index" "$install_wim"
        # 只导出了要安装的镜像，因此 image_index 变为 1
        image_index=1
    elif false; then
    # 优化 install.wim
    # 优点: 可以节省 200M~600M 空间，用来创建虚拟内存
    #       （意义不大，因为已经删除了 boot.wim 用来创建虚拟内存，vista 除外）
    # 缺点: 如果 install.wim 只有一个镜像，则只能缩小 10M+
    if false; then
        time wimexport --threads "$(get_build_threads 512)" "$iso_install_wim" "$image_index" "$install_wim"
        # 只导出了要安装的镜像，因此 image_index 变为 1
        image_index=1
        info "install.wim size"
        echo "Original:  $(get_filesize_mb "$iso_install_wim")"
        echo "Optimized: $(get_filesize_mb "$install_wim")"
@ -6900,31 +6648,25 @@ EOF
    add_driver_vmd() {
        # RST v20 不支持 11代 PCI\VEN_8086&DEV_9A0B
-        support_v19=false
+        is_gen11=false
        support_v20=false
        for d in /sys/bus/pci/devices/*; do
            vendor=$(cat "$d/vendor" 2>/dev/null)
            device=$(cat "$d/device" 2>/dev/null)
-            if [ "$vendor" = "0x8086" ]; then
+            if [ "$vendor" = "0x8086" ] && [ "$device" = "0x9a0b" ]; then
-                case "$device" in
+                is_gen11=true
-                "0x9a0b") support_v19=true && support_v20=false && break ;;
+                break
                "0x467f") support_v19=true && support_v20=true && break ;;
                "0xa77f") support_v19=true && support_v20=true && break ;;
                "0x7d0b") support_v19=false && support_v20=true && break ;;
                "0xad0b") support_v19=false && support_v20=true && break ;;
                esac
            fi
        done
-        local page=
+        if ! $is_gen11 && [ "$build_ver" -ge 19041 ]; then
-        if $support_v20 && [ "$build_ver" -ge 19041 ]; then
+            # RST v20
-            page=https://www.intel.com/content/www/us/en/download/849936.html
+            local page=https://www.intel.com/content/www/us/en/download/849936.html
-        elif $support_v19 && [ "$build_ver" -ge 15063 ]; then
+        elif [ "$build_ver" -ge 15063 ]; then
-            page=https://www.intel.com/content/www/us/en/download/849933.html
+            # RST v19
            local page=https://www.intel.com/content/www/us/en/download/849933.html
        else
            error_and_exit "can't find suitable vmd driver"
        fi
        if [ -n "$page" ]; then
            # intel 禁止了 wget 下载网页
        local url
        url=$(wget -U curl/7.54.1 "$page" -O- |
            grep -Eio -m1 "\"https://.+/SetupRST\.exe\"" | tr -d '"' | grep .)
@ -6936,12 +6678,6 @@ EOF
        7z x $drv/SetupRST/.text -o$drv/vmd
        apk del 7zip
        cp_drivers $drv/vmd
        else
            # 如果开启了 vmd 但硬盘不在 vmd 上，linux 会自动加载 vmd 模块?
            # 还要判断主硬盘是否在 vmd 上，如果不在，即使没有 vmd 驱动也可继续安装
            # 因此目前先不中止脚本
            : error_and_exit "can't find suitable vmd driver"
        fi
    }
    # 脚本自动检测驱动可能有问题
@ -7099,7 +6835,7 @@ EOF
    # 4kn EFI 分区最少要 260M
    # https://learn.microsoft.com/windows-hardware/manufacture/desktop/hard-drives-and-partitions
-    if is_4kn; then
+    if is_4kn /dev/$xda; then
        sed -i 's/is4kn=0/is4kn=1/i' $startnet_cmd
    fi
@ -7138,8 +6874,6 @@ EOF
        images=all
    fi
    mkdir -p "$(get_path_in_correct_case "$(dirname $boot_dir/$sources_boot_wim)")"
    # 防止不格盘二次运行时报错：文件已存在
    rm -f $boot_dir/$sources_boot_wim
    wimexport --boot /os/boot.wim "$images" $boot_dir/$sources_boot_wim
    info "boot.wim size"
    echo "Original:      $(get_filesize_mb /iso/$sources_boot_wim)"
@ -7186,12 +6920,12 @@ EOF
        # 或者用 ms-sys
        apk add grub-bios
        # efi 下，强制安装 mbr 引导，需要添加 --target i386-pc
-        grub-install --target i386-pc --boot-directory="$(get_path_in_correct_case /os/boot)" /dev/$xda
+        grub-install --target i386-pc --boot-directory=/os/boot /dev/$xda
-        cat <<EOF >"$(get_path_in_correct_case /os/boot/grub/grub.cfg)"
+        cat <<EOF >/os/boot/grub/grub.cfg
            set timeout=5
            menuentry "reinstall" {
                search --no-floppy --label --set=root os
-                ntldr /$(cd /os && get_path_in_correct_case bootmgr)
+                ntldr /bootmgr
            }
 EOF
    fi
@ -7469,11 +7203,7 @@ trans() {
                # windows 扩容在 windows 下完成
                resize_after_install_cloud_image
            fi
            if [ -d /configs/cloud-data ]; then
                modify_os_on_disk nocloud
            else
            modify_os_on_disk windows
            fi
            ;;
        qemu) # dd qemu 不可能到这里，因为上面已处理
            ;;
@ -7587,12 +7317,12 @@ fi
 # 设置 frpc
 # 并防止重复运行
-if ls /configs/frpc.* >/dev/null 2>&1 && ! pidof frpc >/dev/null; then
+if [ -s /configs/frpc.toml ] && ! pidof frpc >/dev/null; then
    info 'run frpc'
    add_community_repo
    apk add frp
    while true; do
-        frpc -c /configs/frpc.* || true
+        frpc -c /configs/frpc.toml || true
        sleep 5
    done &
 fi
Author	SHA1	Message	Date
bin456789	14c314d2bc	windows: 适配 massgrave 新镜像链接	2026-01-07 20:30:33 +08:00
bin456789	6ebe902624	docs: 更新文档	2026-01-07 20:30:32 +08:00
bin456789	83a85b9ccf	windows: 使用更准确的 intel nic 驱动链接	2026-01-07 20:30:32 +08:00
bin456789	c2d36ed176	fnos: 优化飞牛安装 - 支持 bios + gpt - 支持 arm	2026-01-07 20:30:31 +08:00