iRhonin/client-wg0.conf

## client-wg0.conf
[Interface]
PrivateKey = ...
Address = 192.168.111.2


[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0
Endpoint = <external-ip>:443
PersistentKeepalive = 19

## server-wg0.conf
[Interface]
Address = 192.168.111.1
PrivateKey = ...
ListenPort = 443
PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = ...
AllowedIPs = 192.168.111.2/32

## setup-server.sh
set -e

sysctl -w net.ipv4.ip_forward=1
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
systemctl enable wg-quick@wg0.service

## wg-gen-key.sh
set -e

umask 077
wg genkey | tee $1 | wg pubkey > $1.pub
	[Interface]
	PrivateKey = ...
	Address = 192.168.111.2


	[Peer]
	PublicKey = ...
	AllowedIPs = 0.0.0.0/0
	Endpoint = <external-ip>:443
	PersistentKeepalive = 19
	[Interface]
	Address = 192.168.111.1
	PrivateKey = ...
	ListenPort = 443
	PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
	PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

	[Peer]
	PublicKey = ...
	AllowedIPs = 192.168.111.2/32
	set -e

	sysctl -w net.ipv4.ip_forward=1
	sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
	systemctl enable wg-quick@wg0.service