diff --git a/release/Makefile.vm b/release/Makefile.vm
--- a/release/Makefile.vm
+++ b/release/Makefile.vm
@@ -25,6 +25,7 @@
 BASIC-CI \
 BASIC-CLOUDINIT \
 EC2 \
+ EQUINIX \
 GCE \
 ORACLE \
 VAGRANT
@@ -43,6 +44,9 @@
 EC2-BASE_DESC= Amazon EC2 image
 EC2-CLOUD-INIT_DESC= Amazon EC2 Cloud-Init image
 EC2-SMALL_DESC= Amazon EC2 small image
+EQUINIX_FORMAT= raw
+EQUINIX_FSLIST?= ufs zfs
+EQUINIX_DESC= Equinix Metal image
 GCE_FORMAT= raw
 GCE_FSLIST?= ufs zfs
 GCE_DESC= Google Compute Engine image
diff --git a/release/release.conf.sample b/release/release.conf.sample
--- a/release/release.conf.sample
+++ b/release/release.conf.sample
@@ -113,4 +113,4 @@
 ## If WITH_CLOUDWARE is set to a non-empty value, this is a list of providers
 ## to create disk images.
-#CLOUDWARE="EC2 GCE ORACLE VAGRANT-VIRTUALBOX VAGRANT-VMWARE"
+#CLOUDWARE="EC2 EQUINIX GCE ORACLE VAGRANT-VIRTUALBOX VAGRANT-VMWARE"
diff --git a/release/tools/equinix.conf b/release/tools/equinix.conf
new file mode 100644
--- /dev/null
+++ b/release/tools/equinix.conf
@@ -0,0 +1,109 @@
+#!/bin/sh
+# Set to a list of packages to install.
+export VM_EXTRA_PACKAGES="
+ converters/base64
+ ftp/curl
+ lang/python
+ lang/python3
+ net/cloud-init
+ net/rsync
+ security/ca_root_nss
+ security/sudo
+ sysutils/firstboot-freebsd-update
+ sysutils/firstboot-pkgs
+ sysutils/panicmail
+ textproc/jq
+ "
+
+# Should be enough for base image, image can be resized in needed
+export VMSIZE=8g
+
+# Set to a list of third-party software to enable in rc.conf(5).
+export VM_RC_LIST="
+ cloudinit
+ defious
+ firstboot_freebsd_update
+ firstboot_pkgs
+ growfs
+ ntpd
+ ntpd_sync_on_start
+ sshd
+ zfs"
+
+vm_extra_pre_umount() {
+ cat <<-'EOF' >> ${DESTDIR}/etc/rc.conf
+ dumpdev=AUTO
+ sendmail_enable=NONE
+ EOF
+
+ cat <<-'EOF' >> ${DESTDIR}/boot/loader.conf
+ autoboot_delay="5"
+ cryptodev_load="YES"
+ opensolaris_load="YES"
+ xz_load="YES"
+ zfs_load="YES"
+ # enable serial console
+ autoboot_delay="7"
+ boot_serial="YES"
+ comconsole_port="0x2f8"
+ comconsole_speed="115200"
+ console="comconsole"
+ EOF
+
+ cat <<-'EOF' >> ${DESTDIR}/etc/ssh/sshd_config
+ PermitRootLogin prohibit-password
+ PasswordAuthentication no
+ KbdInteractiveAuthentication no
+ PermitEmptyPasswords no
+ UseDNS no
+ UsePAM no
+ EOF
+
+ cat <<-'EOF' >> ${DESTDIR}/etc/rc.d/defious
+ #!/bin/sh
+ # SPDX-License-Identifier: BSD-2-Clause
+ #
+ # Copyright 2022 SkunkWerks, GmbH
+
+ # PROVIDE: defious
+ # REQUIRE: mountcritlocal
+ # BEFORE: NETWORKING cloudinitlocal cloudinit cloudconfig cloudfinal
+ # KEYWORD: firstboot
+
+ # Extract metadata files from the first located EFI partition
+ # and blindly transfer these into their more common places.
+
+ # We need to run very early, because these configuration settings will
+ # typically modify /etc/rc.conf and similar settings, to enable storage &
+ # networking configurations that are not supported by auto-configuration
+ # through dhclient(8) and similar approaches.
+
+ . /etc/rc.subr
+
+ name="defious"
+ desc="Extract loader and rc scripts from the mounted EFI partition"
+ start_cmd="defious_start"
+ stop_cmd=":"
+ rcvar="defious_enable"
+
+ defious_start ()
+ {
+ warn "dEFIous: checking for Equinix config in EFI partition"
+ # does this resemble an Equinix -aware EFI partition?
+ test -d /boot/efi/metal || return
+ # really this is all we need to do
+ warn "dEFIous: extracting Equinix config from EFI partition"
+ cp -av /boot/efi/metal/ / || return
+ warn "dEFIous: Equinix config extraction successful"
+ }
+
+ load_rc_config $name
+ run_rc_command "$1"
+ EOF
+ chmod +x ${DESTDIR}/etc/rc.d/defious
+
+ # ensure we run first-boot scripts on .. first ... boot
+ touch ${DESTDIR}/firstboot
+
+ return 0
+}
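Review bot: `defious_start` applies the EFI partition's `metal/` tree to `/` with `cp -av /boot/efi/metal/ /` and places no restriction on destination paths, so whatever is on that FAT partition at first boot replaces `/etc/rc.conf`, `sshd_config` or any other file before networking and cloud-init start. FAT stores no ownership or permission bits and `-a` preserves the values msdosfs synthesizes, so overwritten files may end up with modes that differ from what the base system ships; this is worth confirming on a test image. Consider limiting the copy to the paths the provisioning is expected to supply, or at least recording the trust assumption above the copy, e.g. `# trust boundary: metal/ is written only by the provider's provisioning and is applied as root without validation`. Separately, sshd uses the first value it reads for each keyword, so the settings appended to `sshd_config` take effect only while the stock file leaves those keywords commented out; `sshd -T` on a booted image would confirm the effective values.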