From 65ea9d7e55ce3c78e548e01437cc6ebd5d156554 Mon Sep 17 00:00:00 2001 From: Max Date: Sun, 2 Oct 2022 17:41:46 +0200 Subject: [PATCH 1/6] packages/jre17_standard: add jdk.dynalink module --- packages/patched-derivations.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/patched-derivations.nix b/packages/patched-derivations.nix index 2586964..43f158b 100644 --- a/packages/patched-derivations.nix +++ b/packages/patched-derivations.nix @@ -38,6 +38,7 @@ super: rec { "jdk.xml.dom" "jdk.sctp" "jdk.management" + "jdk.dynalink" ]; }; in jre // { meta = jre.meta // { inherit (super.jdk17_headless.meta) platforms; }; }; From 54a362965b20c1f57eb3d2d4013530fee8ab2fde Mon Sep 17 00:00:00 2001 From: Max Date: Sun, 2 Oct 2022 18:19:54 +0200 Subject: [PATCH 2/6] VEGAS/minecraft: add instance 0fyy6ksf --- .../services/minecraft/customer-0fyy6ksf.nix | 30 +++++++++++++++++++ hosts/VEGAS/services/minecraft/default.nix | 1 + 2 files changed, 31 insertions(+) create mode 100644 hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix diff --git a/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix b/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix new file mode 100644 index 0000000..c857478 --- /dev/null +++ b/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix 
@@ -0,0 +1,30 @@ +{ config, inputs, pkgs, ... }: +let + custId = "0fyy6ksf"; +in +{ + links."mc-${custId}" = {}; + links."mc-rcon-${custId}" = {}; + services.modded-minecraft-servers.instances."${custId}" = { + enable = true; + rsyncSSHKeys = [ + "ssh-ed25519 dummyKey" + ]; + jvmPackage = inputs.self.packages.${pkgs.system}.jre17_standard; + jvmInitialAllocation = "2G"; + jvmMaxAllocation = "4G"; + serverConfig = { + server-port = config.links."mc-${custId}".port; + motd = "Hosted by Private Void"; + enable-rcon = true; + rcon-port = config.links."mc-rcon-${custId}".port; + rcon-password = "manager"; + }; + }; + systemd.services."mc-${custId}".serviceConfig = { + CPUQuota = "200%"; + MemoryHigh = "4.2G"; + MemoryMax = "4.3G"; + MemorySwapMax = "1G"; + }; +} diff --git a/hosts/VEGAS/services/minecraft/default.nix b/hosts/VEGAS/services/minecraft/default.nix index 7ddaf75..eececcc 100644 --- a/hosts/VEGAS/services/minecraft/default.nix +++ b/hosts/VEGAS/services/minecraft/default.nix @@ -2,5 +2,6 @@ services.modded-minecraft-servers.eula = true; imports = [ ./num.nix + ./customer-0fyy6ksf.nix ]; } From d1d4651ed744931256f0ea8df5f24b88670f5e4b Mon Sep 17 00:00:00 2001 From: Max Date: Tue, 4 Oct 2022 17:19:59 +0200 Subject: [PATCH 3/6] VEGAS/minecraft/0fyy6ksf: allow flight --- hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix b/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix index c857478..b41c129 100644 --- a/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix +++ b/hosts/VEGAS/services/minecraft/customer-0fyy6ksf.nix @@ -19,6 +19,7 @@ in enable-rcon = true; rcon-port = config.links."mc-rcon-${custId}".port; rcon-password = "manager"; + allow-flight = true; }; }; systemd.services."mc-${custId}".serviceConfig = { From 16e4664899e5b00290d14582c73417e786ac7708 Mon Sep 17 00:00:00 2001 
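Review bot: `rcon-password = "manager";` in the new customer-0fyy6ksf.nix commits a guessable RCON credential to the repository in plain text, while `enable-rcon = true` turns the remote console on. RCON gives console-level control of the server, so the password should be a generated secret supplied from outside the repository (the hyprspace module in this series already reads its key from `config.age.secrets`), and the port allocated through `links."mc-rcon-${custId}"` should be reachable only from the management side; whether the minecraft module accepts a password file is not visible here. `"ssh-ed25519 dummyKey"` in `rsyncSSHKeys` looks like a placeholder and would be clearer with a comment such as `# placeholder: replace with the customer's real public key`. The later allow-flight patch leaves the password line unchanged.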
From: Max Date: Sat, 8 Oct 2022 11:40:30 +0200 Subject: [PATCH 4/6] packages/hyprspace: apply https://github.com/hyprspace/hyprspace/pull/95 --- packages/networking/hyprspace/README.md | 43 +++++++++++++++++++ packages/networking/hyprspace/cli/up.go | 21 ++++++++- .../networking/hyprspace/config/config.go | 22 ++++++++-- 3 files changed, 81 insertions(+), 5 deletions(-) diff --git a/packages/networking/hyprspace/README.md b/packages/networking/hyprspace/README.md index 9edde1e..2bf06af 100644 --- a/packages/networking/hyprspace/README.md +++ b/packages/networking/hyprspace/README.md @@ -187,6 +187,49 @@ sudo hyprspace down hs1 WireGuard is a registered trademark of Jason A. Donenfeld. + +## Routes + +### Prepare each route node: + +``` +# sysctl -n net.ipv4.ip_forward +0 +# sysctl -w net.ipv4.ip_forward=1 +iptables -t nat -A POSTROUTING -s /24 -o eth0 -j MASQUERADE +iptables -A FORWARD 1 -i -o -j ACCEPT +iptables -A FORWARD 1 -i -o -j ACCEPT + +``` +Determine gateway router: +``` +# curl ifconfg.me + +``` + +### Configure client: +Config hyprspace yaml configuration file: +``` +interface: + ... +peers: + ID: ... + ... +routes: + 192.168.3.0/24: + ip: 10.0.0.3 + 0.0.0.0/0: + ip: 10.0.0.1 + +``` +Prepare routes +``` +One for each route: +# ip route add via + +And all traffic for hyprspace tun +# ip route add default dev metric 1 +``` ## License Copyright 2021-2022 Alec Scott diff --git a/packages/networking/hyprspace/cli/up.go b/packages/networking/hyprspace/cli/up.go index b8f8c69..b3788b1 100644 --- a/packages/networking/hyprspace/cli/up.go +++ b/packages/networking/hyprspace/cli/up.go 
@@ -180,6 +180,10 @@ func UpRun(r *cmd.Root, c *cmd.Sub) { // Initialize active streams map and packet byte array. activeStreams = make(map[string]network.Stream) var packet = make([]byte, 1420) + ip, _, err := net.ParseCIDR(cfg.Interface.Address) + if err != nil { + checkErr(errors.New("unable to parse address")) + } for { // Read in a packet from the tun device. plen, err := tunDev.Iface.Read(packet) @@ -188,8 +192,21 @@ func UpRun(r *cmd.Root, c *cmd.Sub) { continue } - // Decode the packet's destination address - dst := net.IPv4(packet[16], packet[17], packet[18], packet[19]).String() + dstIP := net.IPv4(packet[16], packet[17], packet[18], packet[19]) + dst := dstIP.String() + + // Check route table for destination address. + for route, _ := range cfg.Routes { + _, network, _ := net.ParseCIDR(route) + if network.Contains(dstIP) { + src := net.IPv4(packet[12], packet[13], packet[14], packet[15]) + _, ok := peerTable[dst] + // Only rewrite if initiator is us or receiver is not a known peer + if src.Equal(ip) && !ok { + dst = cfg.Routes[route].IP + } + } + } // Check if we already have an open connection to the destination peer. stream, ok := activeStreams[dst] diff --git a/packages/networking/hyprspace/config/config.go b/packages/networking/hyprspace/config/config.go index f0450db..3ebfdec 100644 --- a/packages/networking/hyprspace/config/config.go +++ b/packages/networking/hyprspace/config/config.go @@ -10,9 +10,10 @@ import ( // Config is the main Configuration Struct for Hyprspace. type Config struct { - Path string `yaml:"path,omitempty"` - Interface Interface `yaml:"interface"` - Peers map[string]Peer `yaml:"peers"` + Path string `yaml:"path,omitempty"` + Interface Interface `yaml:"interface"` + Peers map[string]Peer `yaml:"peers"` + Routes map[string]Route `yaml:"routes"` } // Interface defines all of the fields that a local node needs to know about itself! 
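Review bot: The `checkErr(errors.New("unable to parse address"))` call in the first up.go hunk discards the error returned by `net.ParseCIDR`, so the operator is not told which value was rejected or why. Passing the cause through, e.g. `checkErr(fmt.Errorf("parsing interface address %q: %w", cfg.Interface.Address, err))`, keeps the message actionable; plain `checkErr(err)` works if `fmt` is not imported in this file, which the hunk does not show. UpRun starts and ends outside the hunk.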
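Review bot: Route selection in the second up.go hunk depends on Go's randomized map iteration order: the loop over `cfg.Routes` has no `break` and no longest-prefix rule, so with overlapping entries such as the README's `192.168.3.0/24` and `0.0.0.0/0` the gateway chosen for a packet can differ from run to run. The comment says "initiator is us or receiver is not a known peer" while the condition is `src.Equal(ip) && !ok`; one of the two should be corrected. The local `network` also shadows the package used in `network.Stream` a few lines above, and the dropped `net.ParseCIDR` error would lead to a nil `*net.IPNet` dereference if the validation in `Read` were ever bypassed. The excerpt below picks the most specific matching prefix and keeps the existing `&&` condition; the surrounding `for` loop of UpRun continues outside the hunk.

```go
// … unchanged: tun read, dstIP / dst decoding …

src := net.IPv4(packet[12], packet[13], packet[14], packet[15])
_, known := peerTable[dst]
// Only rewrite when we originated the packet and dst is not itself a peer.
if src.Equal(ip) && !known {
	via, bestLen := "", -1
	for route, gw := range cfg.Routes {
		_, routeNet, err := net.ParseCIDR(route)
		if err != nil {
			continue // config.Read already rejects invalid CIDRs
		}
		// Most specific prefix wins, so overlapping routes resolve deterministically.
		if ones, _ := routeNet.Mask.Size(); routeNet.Contains(dstIP) && ones > bestLen {
			via, bestLen = gw.IP, ones
		}
	}
	if bestLen >= 0 {
		dst = via
	}
}

// … unchanged: activeStreams lookup …
```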
@@ -29,6 +30,10 @@ type Peer struct { ID string `yaml:"id"` } +type Route struct { + IP string `yaml:"ip"` +} + // Read initializes a config from a file. func Read(path string) (*Config, error) { in, err := os.ReadFile(path) @@ -55,6 +60,17 @@ func Read(path string) (*Config, error) { for ip := range result.Peers { if net.ParseIP(ip).String() == "" { return nil, fmt.Errorf("%s is not a valid ip address", ip) + } else { + fmt.Printf("[+] Assign this ip: %s to node: %s.\n", ip, result.Peers[ip].ID) + } + } + + for route := range result.Routes { + _, _, err := net.ParseCIDR(route) + if err != nil { + return nil, fmt.Errorf("%s is not a valid route", route) + } else { + fmt.Printf("[+] Assign route %s via %s.\n", route, result.Routes[route].IP) } } From d2674bdb5aaa5dc2d674c2b13d5c7cbf3b2ba219 Mon Sep 17 00:00:00 2001 From: Max Date: Sat, 8 Oct 2022 12:08:34 +0200 Subject: [PATCH 5/6] modules/hyprspace: add route configuration support --- modules/hyprspace/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/hyprspace/default.nix b/modules/hyprspace/default.nix index ceb90a8..7d8f923 100644 --- a/modules/hyprspace/default.nix +++ b/modules/hyprspace/default.nix @@ -9,6 +9,9 @@ let myNode = hosts.${hostName}; listenPort = myNode.hypr.listenPort or 8001; + routes' = map (x: lib.genAttrs (x.hypr.routes or []) (_: { ip = x.hypr.addr; })) (builtins.attrValues hyprspaceCapableNodes); + routes = builtins.foldl' (x: y: x // y) {} (lib.flatten routes'); + interfaceConfig = pkgs.writeText "hyprspace.yml" (builtins.toJSON { interface = { name = "hyprspace"; @@ -18,6 +21,7 @@ let private_key = "@HYPRSPACEPRIVATEKEY@"; }; peers = peerList; + inherit routes; }); privateKeyFile = config.age.secrets.hyprspace-key.path; From 94e69da757622b963cb0e648dbcf82bc80b32416 Mon Sep 17 00:00:00 2001 
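Review bot: The new exported `Route` type in config.go has no doc comment, unlike `Config` and `Interface` beside it, and nothing states what `IP` must contain. From its use in cli/up.go it is the hyprspace address of the peer that carries traffic for the CIDR key, so a comment like `// Route names the peer address that traffic for a routed CIDR is sent to.` would record that. The neighbouring declarations lie outside the hunk.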
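Review bot: The added route loop in `Read` validates the CIDR key but never checks `result.Routes[route].IP`, although cli/up.go uses that string directly as the destination peer address. A check such as `if net.ParseIP(result.Routes[route].IP) == nil { return nil, fmt.Errorf("%s is not a valid gateway for route %s", result.Routes[route].IP, route) }`, ideally with a lookup in `result.Peers` as well, would reject a typo at load time instead of at packet-forwarding time. The peer check that the new `else` hangs off compares `net.ParseIP(ip).String()` with `""`, but a failed parse stringifies as `"<nil>"`, so that error branch looks unreachable and the new "Assign this ip" message would print for invalid keys too; `net.ParseIP(ip) == nil` is the usual test. `Read` begins and ends outside the hunk.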
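Review bot: The `routes` fold in modules/hyprspace/default.nix merges the per-node attrsets with `//`, so when two nodes list the same CIDR in `hypr.routes` the later one silently replaces the earlier, and traffic for that prefix presumably goes to whichever node comes last in `builtins.attrValues` order. An assertion that the CIDR sets are disjoint, or at least a comment such as `# on duplicate CIDRs the last node wins`, would make that explicit. `lib.flatten` appears to be a no-op here, since `routes'` is already a flat list of attrsets. The `let` block starts outside the hunk.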
From: Max Date: Sat, 8 Oct 2022 12:10:11 +0200 Subject: [PATCH 6/6] hosts/VEGAS: expose some networks via hyprspace --- hosts/VEGAS/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/VEGAS/default.nix b/hosts/VEGAS/default.nix index 66c804b..7526729 100644 --- a/hosts/VEGAS/default.nix +++ b/hosts/VEGAS/default.nix @@ -19,6 +19,10 @@ tools: { id = "QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J"; addr = "10.100.3.5"; listenPort = 995; + routes = [ + "10.1.0.1/32" + "10.10.0.0/16" + ]; }; enterprise = {
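Review bot: The `routes` list added for this host advertises `10.1.0.1/32` and the whole of `10.10.0.0/16` with no comment on what lives in those ranges, and because the hyprspace module in the previous patch folds every node's routes into the shared config, each mesh peer appears to gain a path to them. Nothing in this series restricts forwarding on VEGAS to match, while the README added in patch 4 describes enabling `net.ipv4.ip_forward` and broad FORWARD/MASQUERADE rules on a route node. It would help to document each entry, e.g. `# <what this network is> (placeholder): reachable by every hyprspace peer via VEGAS`, and to confirm the host firewall only forwards from the hyprspace interface to these prefixes. The surrounding attribute set continues outside the hunk.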