Configuration WindowsFeatures {
    Import-DscResource -ModuleName PSDesiredStateConfiguration
    
    Node localhost {
        
        # === WINDOWS CAPABILITIES ===
        
        # Install OpenSSH Client
        Script InstallOpenSSHClient {
            SetScript = {
                $capability = Get-WindowsCapability -Online | Where-Object { $_.Name -like "OpenSSH.Client*" }
                if ($capability.State -ne "Installed") {
                    Add-WindowsCapability -Online -Name 'OpenSSH.Client~~~~0.0.1.0'
                }
            }
            TestScript = {
                $capability = Get-WindowsCapability -Online | Where-Object { $_.Name -like "OpenSSH.Client*" }
                return ($capability.State -eq "Installed")
            }
            GetScript = {
                $capability = Get-WindowsCapability -Online | Where-Object { $_.Name -like "OpenSSH.Client*" }
                return @{Result = "OpenSSH Client State: $($capability.State)"}
            }
        }
        
        # === WINDOWS OPTIONAL FEATURES ===
        
        # Enable NFS Client features
        Script EnableNFSClientOnly {
            SetScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ServicesForNFS-ClientOnly"
                if ($feature.State -ne "Enabled") {
                    Enable-WindowsOptionalFeature -FeatureName "ServicesForNFS-ClientOnly" -Online -NoRestart
                }
            }
            TestScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ServicesForNFS-ClientOnly"
                return ($feature.State -eq "Enabled")
            }
            GetScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ServicesForNFS-ClientOnly"
                return @{Result = "NFS ClientOnly State: $($feature.State)"}
            }
        }
        
        Script EnableNFSInfrastructure {
            SetScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ClientForNFS-Infrastructure"
                if ($feature.State -ne "Enabled") {
                    Enable-WindowsOptionalFeature -FeatureName "ClientForNFS-Infrastructure" -Online -NoRestart
                }
            }
            TestScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ClientForNFS-Infrastructure"
                return ($feature.State -eq "Enabled")
            }
            GetScript = {
                $feature = Get-WindowsOptionalFeature -Online -FeatureName "ClientForNFS-Infrastructure"
                return @{Result = "NFS Infrastructure State: $($feature.State)"}
            }
        }
        
        # === FIREWALL RULES ===
        
        # Enable Remote Desktop firewall rules
        Script EnableRDPFirewall {
            SetScript = {
                Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
            }
            TestScript = {
                $rules = Get-NetFirewallRule -DisplayGroup "Remote Desktop" | Where-Object {$_.Enabled -eq $false}
                return ($rules.Count -eq 0)
            }
            GetScript = {
                $rules = Get-NetFirewallRule -DisplayGroup "Remote Desktop"
                $enabledCount = ($rules | Where-Object {$_.Enabled -eq $true}).Count
                return @{Result = "RDP Firewall Rules Enabled: $enabledCount of $($rules.Count)"}
            }
        }
        
    }
}

# Generate the MOF file
WindowsFeatures -OutputPath "\temp\DSC\WindowsFeatures"

# Apply the configuration
Start-DscConfiguration -Path "\temp\DSC\WindowsFeatures" -Wait -Verbose -Force