From ab4e78f57f0a0999d503eada0a7bc95f4f9a6764 Mon Sep 17 00:00:00 2001
From: Aathavan <7279940-aathavan@users.noreply.gitlab.com>
Date: Wed, 1 Feb 2023 22:30:02 +0000
Subject: [PATCH] Added checks before installing packs; added code to install
 VMware Workstation

---
 .../run_onchange_after_45-vmware.tmpl         | 40 +++++++++++++------
 .../run_onchange_after_46_virtualbox.tmpl     |  9 +++--
 ...run_onchange_before_05-install-vmware.tmpl | 27 +++++++++++++
 3 files changed, 61 insertions(+), 15 deletions(-)
 create mode 100644 home/.chezmoiscripts/universal/run_onchange_before_05-install-vmware.tmpl

diff --git a/home/.chezmoiscripts/universal/run_onchange_after_45-vmware.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_45-vmware.tmpl
index ca606bad..ba4dd793 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_45-vmware.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_45-vmware.tmpl
@@ -1,33 +1,46 @@
-{{- if ne .host.distro.family "windows" -}}
+{{- if eq .host.distro.family "linux" -}}
 #!/usr/bin/env bash
 
 {{ includeTemplate "universal/profile" }}
 {{ includeTemplate "universal/logg" }}
 
-### Run logic if VMWare is installed
+### Run logic if VMware is installed
 if command -v vmware > /dev/null; then
-    ### Build kernel modules
-    # TODO - Add check to see if kernel modules are required before running this logic
+  ### Build kernel modules if they are not present
+  if [ ! -f /lib/modules/$(uname -r)/misc/vmmon.ko || ! -f /lib/modules/$(uname -r)/misc/vmnet.ko ]; then
+    logg info 'Building VMware host modules'
     if sudo vmware-modconfig --console --install-all; then
       :
     else
-      logg info 'Acquiring VMWare version from CLI'
+      logg info 'Acquiring VMware version from CLI'
       VMW_VERSION=$(vmware --version | cut -f 3 -d' ')
       mkdir -p /tmp/vmw_patch
       cd /tmp/vmw_patch
-      logg info 'Downloading VMWare host module patches'
+      logg info 'Downloading VMware host module patches'
       curl -sSL https://github.com/mkubecek/vmware-host-modules/archive/workstation-$VMW_VERSION.tar.gz -o /tmp/vmw_patch/workstation.tar.gz
       tar -xzf /tmp/vmw_patch/workstation.tar.gz
       cd vmware*
       logg info 'Running `sudo make` and `sudo make install`'
       sudo make
       sudo make install
-      logg success 'Successfully configured VMWare host module patches'
+      logg success 'Successfully configured VMware host module patches'
     fi
 
-    ### Patch VMWare with Unlocker
+    ### Sign VMware host modules if Secure Boot is enabled
+    if [ -f /sys/firmware/efi ]; then
+      logg info 'Signing host modules'
+      mkdir -p /tmp/vmware
+      cd /tmp/vmware
+      openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -days 36500 -subj "/CN=VMware/"
+      /usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmmon)
+      /usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmnet)
+      echo '' | mokutil --import MOK.der
+      logg success 'Successfully signed VMware host modules. Reboot the host before powering on VMs'
+    fi
+
+    ### Patch VMware with Unlocker
     if [ ! -f /usr/lib/vmware/isoimages/darwin.iso ]; then
-      logg info 'Acquiring VMWare Unlocker latest release version'
+      logg info 'Acquiring VMware Unlocker latest release version'
       UNLOCKER_URL=$(curl -sSL https://api.github.com/repos/DrDonk/unlocker/releases/latest | jq  -r '.assets[0].browser_download_url')
       mkdir -p /tmp/vmware-unlocker
       cd /tmp/vmware-unlocker
@@ -37,12 +50,15 @@ if command -v vmware > /dev/null; then
       cd linux
       logg info 'Running the unlocker'
       echo "y" | sudo ./unlock
-      logg success 'Successfully unlocked VMWare for macOS compatibility'
+      logg success 'Successfully unlocked VMware for macOS compatibility'
     else
-      logg info '/usr/lib/vmware/isoimages/darwin.iso is already present on the system so VMWare macOS unlocking will not be performed'
+      logg info '/usr/lib/vmware/isoimages/darwin.iso is already present on the system so VMware macOS unlocking will not be performed'
     fi
+  else
+    logg info 'VMware host modules are present'
+  fi
 else
-    logg warn 'VMware Workstation is not installed so the VMware Unlocker will not be installed'
+  logg warn 'VMware Workstation is not installed so the VMware Unlocker will not be installed'
 fi
 
 {{ end -}}
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_46_virtualbox.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_46_virtualbox.tmpl
index 27b8bcbf..61f1d9aa 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_46_virtualbox.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_46_virtualbox.tmpl
@@ -5,9 +5,9 @@
 {{ includeTemplate "universal/logg" }}
 
 ### Run logic if VirtualBox is installed
-# TODO - Add check to determine if ExtensionPack is required
 if command -v VirtualBox > /dev/null; then
-    ### Install VirtualBox extension pack
+  ### Install VirtualBox extension pack if it is not installed already
+  if [[ ! -d /usr/lib/virtualbox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/ ]]; then
     logg info 'Acquiring VirtualBox version information'
     VBOX_VERSION="$(VirtualBox --help | head -n 1 | cut -f 6 -d' ')"
     VBOX_VERSION="${VBOX_VERSION//v}"
@@ -26,8 +26,11 @@ if command -v VirtualBox > /dev/null; then
     logg info 'Installing VirtualBox extension pack'
     echo 'y' | VBoxManage extpack install --replace /tmp/vbox/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack
     logg success 'Successfully installed VirtualBox extension pack'
+  else
+    logg info 'VirtualBox Extension pack is already installed'
+  fi
 else
-    logg warn 'VirtualBox is not installed so VirtualBox Extension pack will not be installed'
+  logg warn 'VirtualBox is not installed so VirtualBox Extension pack will not be installed'
 fi
 
 {{ end -}}
diff --git a/home/.chezmoiscripts/universal/run_onchange_before_05-install-vmware.tmpl b/home/.chezmoiscripts/universal/run_onchange_before_05-install-vmware.tmpl
new file mode 100644
index 00000000..ed0f1721
--- /dev/null
+++ b/home/.chezmoiscripts/universal/run_onchange_before_05-install-vmware.tmpl
@@ -0,0 +1,27 @@
+{{- if eq .host.distro.family "linux" -}}
+#!/usr/bin/env bash
+
+{{ includeTemplate "universal/profile-before" }}
+{{ includeTemplate "universal/logg-before" }}
+
+### Install VMware Workstation
+if [ ! command -v vmware > /dev/null ]; then
+  logg info 'VMware Workstation is not installed.'
+  VMWARE_WORKSTATION_URL=https://www.vmware.com/go/getworkstation-linux
+  VMWARE_WORKSTATION_DIR=/tmp/workstation-downloads
+  mkdir -p $VMWARE_WORKSTATION_DIR
+  logg info 'Downloading VMware Workstation Installer'
+  curl -sSLA "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20220101 Firefox/102.0" "$VMWARE_WORKSTATION_URL" \
+    -o "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh"
+  logg info 'Installing VMware Workstation'
+  if [[ -v VMWARE_WORKSTATION_LICENSE_KEY && -n $VMWARE_WORKSTATION_LICENSE_KEY ]]; then
+    sudo $VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh --eulas-agreed --console --required \
+      --set-setting vmware-workstation serialNumber $VMWARE_WORKSTATION_LICENSE_KEY
+  else
+    sudo $VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh --eulas-agreed --console --required
+  fi
+  logg success 'VMware Workstation installed successfully'
+else
+  logg info 'VMware Workstation is already installed'
+fi
+{{ end -}}