Auto-install script
https://github.com/Nyr/wireguard-install
Generate keys
wg genkey | tee private.key | wg pubkey > public.key
Server Config
[Interface]
Address = 10.0.0.1/24
PrivateKey = <server private key>
ListenPort = 51820
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -m comment --comment "WG NAT" -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -m comment --comment "WG NAT" -j MASQUERADE
[Peer]
PublicKey = <client public key>
AllowedIPs = 10.0.0.10/32
[Peer]
PublicKey = <client public key>
AllowedIPs = 10.0.0.11/32
Client Config
[Interface]
PrivateKey = <client private key>
Address = 10.0.0.11/32
ListenPort = 51820
DNS = 1.1.1.1
[Peer]
PublicKey = <server public key>
Endpoint = <server public ip>:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25