diff --git a/appveyor.yml b/appveyor.yml
index cd39beda..6c1030ca 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -15,9 +15,10 @@ install:
build_script:
- cmd: >-
cd \projects\yggdrasil-go
-- c:\msys64\usr\bin\bash -lc "./build.bat"
+- c:\msys64\usr\bin\bash -lc "./contrib/msi/build-msi.sh x64"
+- c:\msys64\usr\bin\bash -lc "./contrib/msi/build-msi.sh x86"
test: off
artifacts:
-- path: 'yggdrasil-*.msi'
+- path: '*.msi'
diff --git a/contrib/msi/build-msi.sh b/contrib/msi/build-msi.sh
new file mode 100644
index 00000000..eda682f1
--- /dev/null
+++ b/contrib/msi/build-msi.sh
@@ -0,0 +1,186 @@
+#!/bin/sh
+
+# Get arch from command line if given
+PKGARCH=$1
+if [ "${PKGARCH}" == "" ];
+then
+ echo "tell me the architecture: x86 or x64"
+ exit 1
+fi
+
+# Install prerequisites
+pacman -S --needed --noconfirm unzip git curl
+# export PATH=$PATH:/c/go/bin/
+
+# Download the wix tools!
+if [ ! -d wixbin ];
+then
+ curl -LO https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311-binaries.zip
+ if [ `md5sum wix311-binaries.zip | cut -f 1 -d " "` != "47a506f8ab6666ee3cc502fb07d0ee2a" ];
+ then
+ echo "wix package didn't match expected checksum"
+ exit 1
+ fi
+ mkdir -p wixbin
+ unzip -o wix311-binaries.zip -d wixbin || (
+ echo "failed to unzip WiX"
+ exit 1
+ )
+fi
+
+# Check the prerequisite files are in place
+(test -f yggdrasil.exe && test -f yggdrasilctl.exe) || (
+ [ "${PKGARCH}" == "x64" ] && GOARCH=amd64 CGO_ENABLED=0 ./build || \
+ [ "${PKGARCH}" == "x86" ] && GOARCH=386 CGO_ENABLED=0 ./build || \
+ (
+ echo "failed to build Yggdrasil"
+ exit 1
+ )
+)
+
+# Create the postinstall script
+cat > config.bat << EOF
+if exist yggdrasil.conf (
+ move yggdrasil.conf yggdrasil.conf.backup
+ yggdrasil.exe -useconffile yggdrasil.conf.backup -normaliseconf > yggdrasil.conf
+) else (
+ yggdrasil.exe -genconf > yggdrasil.conf
+)
+EOF
+
+# Work out metadata for the package info
+PKGNAME=$(sh contrib/semver/name.sh)
+PKGVERSION=$(sh contrib/semver/version.sh --bare)
+PKGVERSIONMS=$(echo $PKGVERSION | tr - .)
+PKGARCH=${PKGARCH-x64}
+[ "${PKGARCH}" == "x64" ] && \
+ PKGGUID="77757838-1a23-40a5-a720-c3b43e0260cc" PKGINSTFOLDER="ProgramFiles64Folder" || \
+ PKGGUID="54a3294e-a441-4322-aefb-3bb40dd022bb" PKGINSTFOLDER="ProgramFilesFolder"
+
+# Download the Wintun driver
+if [ $PKGARCH = "x64" ]; then
+ PKGMSMNAME=wintun-x64.msm
+ curl -o ${PKGMSMNAME} https://www.wintun.net/builds/wintun-amd64-0.7.msm || (echo "couldn't get wintun"; exit 1)
+elif [ $PKGARCH = "x86" ]; then
+ PKGMSMNAME=wintun-x86.msm
+ curl -o ${PKGMSMNAME} https://www.wintun.net/builds/wintun-x86-0.7.msm || (echo "couldn't get wintun"; exit 1)
+else
+ echo "wasn't sure which architecture to get wintun for"
+ exit 1
+fi
+
+# Generate the wix.xml file
+cat > wix.xml << EOF
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+EOF
+
+# Generate the MSI
+CANDLEFLAGS="-nologo"
+LIGHTFLAGS="-nologo -spdb -sice:ICE71 -sice:ICE61"
+wixbin/candle $CANDLEFLAGS -out ${PKGNAME}-${PKGVERSION}-${PKGARCH}.wixobj -arch ${PKGARCH} wix.xml && \
+wixbin/light $LIGHTFLAGS -out ${PKGNAME}-${PKGVERSION}-${PKGARCH}.msi ${PKGNAME}-${PKGVERSION}-${PKGARCH}.wixobj
diff --git a/contrib/msi/build.bat b/contrib/msi/build.bat
deleted file mode 100644
index 47d9a9d2..00000000
--- a/contrib/msi/build.bat
+++ /dev/null
@@ -1,65 +0,0 @@
-@echo off
-rem SPDX-License-Identifier: GPL-2.0
-rem Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
-
-setlocal
-setlocal EnableDelayedExpansion
-set PATHEXT=.exe
-set BUILDDIR=%~dp0
-cd /d %BUILDDIR% || exit /b 1
-
-set WIX_CANDLE_FLAGS=-nologo
-set WIX_LIGHT_FLAGS=-nologo -spdb -sice:ICE71 -sice:ICE61
-
-set WINTUN_VERSION=0.7
-set WINTUN_AMD64_SHA256=c87f9e0df51ac5c4fc8551f38c58b6fe6c43c06344451e3ed8939f05f4979c7d
-set WINTUN_X86_SHA256=bdc40a2314964759653cd0717983dd3fedfeb53e7e15f4ed8370e12964c04b43
-
-if exist .deps\prepared goto :build
-:installdeps
- rmdir /s /q .deps 2> NUL
- mkdir .deps || goto :error
- cd .deps || goto :error
- call :download wintun-x86.msm https://www.wintun.net/builds/wintun-x86-%WINTUN_VERSION%.msm %WINTUN_X86_SHA256% || goto :error
- call :download wintun-amd64.msm https://www.wintun.net/builds/wintun-amd64-%WINTUN_VERSION%.msm %WINTUN_AMD64_SHA256% || goto :error
- call :download wix-binaries.zip http://wixtoolset.org/downloads/v3.14.0.2812/wix314-binaries.zip 923892298f37514622c58cbbd9c2cadf2822d9bb53df8ee83aaeb05280777611 || goto :error
- echo [+] Extracting wix-binaries.zip
- mkdir wix\bin || goto :error
- unzip wix-binaries.zip -d wix\bin || goto :error
- echo [+] Cleaning up wix-binaries.zip
- del wix-binaries.zip || goto :error
- copy /y NUL prepared > NUL || goto :error
- cd .. || goto :error
-
-:build
- set WIX=%BUILDDIR%.deps\wix\
- call :msi x86 i686 x86 || goto :error
- call :msi amd64 x86_64 x64 || goto :error
- if exist ..\sign.bat call ..\sign.bat
- if "%SigningCertificate%"=="" goto :success
- if "%TimestampServer%"=="" goto :success
- echo [+] Signing
- signtool sign /sha1 "%SigningCertificate%" /fd sha256 /tr "%TimestampServer%" /td sha256 /d "Yggdrasil Setup" "yggdrasil-*.msi" || goto :error
-
-:success
- echo [+] Success.
- exit /b 0
-
-:download
- echo [+] Downloading %1
- curl -#fLo %1 %2 || exit /b 1
- echo [+] Verifying %1
- for /f %%a in ('CertUtil -hashfile %1 SHA256 ^| findstr /r "^[0-9a-f]*$"') do if not "%%a"=="%3" exit /b 1
- goto :eof
-
-:msi
- if not exist "%~1" mkdir "%~1"
- echo [+] Compiling %1
- "%WIX%bin\candle" %WIX_CANDLE_FLAGS% -dYGGDRASIL_PLATFORM="%~1" -dYGGDRASIL_BUILDNAME="%~1" -dYGGDRASIL_BUILDVERSION="%~1" -out "%~1\yggdrasil.wixobj" -arch %3 yggdrasil.wxs || exit /b %errorlevel%
- echo [+] Linking %1
- "%WIX%bin\light" %WIX_LIGHT_FLAGS% -out "yggdrasil-%~1.msi" "%~1\yggdrasil.wixobj" || exit /b %errorlevel%
- goto :eof
-
-:error
- echo [-] Failed with error #%errorlevel%.
- cmd /c exit %errorlevel%
diff --git a/contrib/msi/yggdrasil.wxs b/contrib/msi/yggdrasil.wxs
deleted file mode 100644
index 0f592814..00000000
--- a/contrib/msi/yggdrasil.wxs
+++ /dev/null
@@ -1,112 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-