@khorsmann
Created February 23, 2019 14:35
- Install Python, git, build-essential from dietpi-software
- Run rpi-source: https://github.com/notro/rpi-source/wiki
- Enable IP Forwarding
- nano /etc/sysctl.conf:
- net.ipv4.ip_forward = 1
- sudo apt-get install libmnl-dev
- git clone https://git.zx2c4.com/WireGuard
- $ cd WireGuard/src
- $ make
- # make install
- Generate the keys (set umask 077 first so the private key file is not created world-readable)
- # umask 077
- # wg genkey > rpi_private.key
- # wg pubkey > rpi_public.key < rpi_private.key
- # nano /etc/wireguard/wg0.conf
===========================================
[Interface]
ListenPort = 1500
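# Paste the contents of rpi_private.key here, not the file name
PrivateKey = <rpi_private.key>
[Peer]
# Paste the contents of the client's public key file here
PublicKey = <client_public.key>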
AllowedIPs = 192.168.2.2/32
===========================================
- # nano /etc/network/interfaces
===========================================
auto wg0
iface wg0 inet static
pre-up ip link add dev wg0 type wireguard
post-up wg setconf wg0 /etc/wireguard/wg0.conf
post-up ip link set dev wg0 up
# READ THIS
# Enable access to the remote subnet 192.168.2.x via the remote wg0 interface;
# change this according to your config:
#post-up ip route add 192.168.2.0/24 via 192.168.5.2 dev wg0
# Change eth0 to your primary interface, if needed
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
address 192.168.2.1
netmask 255.255.255.0
===========================================
- apt-get install ufw
- ufw allow 1500
- PORT TO BE OPEN 1500 UDP/TCP (WireGuard itself only listens on UDP, so allowing 1500/udp is sufficient)
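
Added example, not part of the original gist: a shell function that audits the finished /etc/wireguard/wg0.conf for the mistakes this procedure makes easy (a readable-by-others file holding the private key, a leftover `<...>` placeholder where a base64 key belongs, a ListenPort that does not match the port opened in ufw, a peer with AllowedIPs 0.0.0.0/0). The name `audit_wg_conf` and its messages are illustrative, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the gist): audit a wg0.conf laid out as above.
# Prints one line per finding; the return status is the number of findings.
audit_wg_conf() {
    conf=$1
    want_port=${2:-1500}            # port opened with ufw in this guide
    findings=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 99; }

    # The file embeds the private key: group and others get no access.
    mode=$(stat -c '%a' "$conf")    # assumes GNU stat
    case $mode in
        0|*00) ;;
        *) echo "FINDING: mode $mode, expected 600 (chmod 600 $conf)"
           findings=$((findings + 1)) ;;
    esac

    # A WireGuard key is 32 bytes in base64: 43 characters plus '='.
    # A leftover <placeholder> or a pasted file name fails this pattern.
    key_re='^[A-Za-z0-9+/]{42}[AEIMQUYcgkosw048]=[[:space:]]*$'
    for field in PrivateKey PublicKey; do
        values=$(sed -n "s/^[[:space:]]*$field[[:space:]]*=[[:space:]]*//p" "$conf")
        total=$(printf '%s\n' "$values" | grep -c . || true)
        good=$(printf '%s\n' "$values" | grep -Ec "$key_re" || true)
        if [ "$total" -eq 0 ] || [ "$good" -ne "$total" ]; then
            echo "FINDING: $field missing or not a base64 key"
            findings=$((findings + 1))
        fi
    done

    # The listener must match the port the firewall rule opens.
    port=$(sed -n 's/^[[:space:]]*ListenPort[[:space:]]*=[[:space:]]*//p' "$conf")
    if [ "$port" != "$want_port" ]; then
        echo "FINDING: ListenPort '$port' differs from opened port $want_port"
        findings=$((findings + 1))
    fi

    # The guide pins the peer to one /32; 0.0.0.0/0 would accept any source.
    if grep -Eq '^[[:space:]]*AllowedIPs.*[^0-9.]0\.0\.0\.0/0' "$conf"; then
        echo "FINDING: a peer has AllowedIPs 0.0.0.0/0"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Run against a file when one is given on the command line.
if [ $# -gt 0 ]; then audit_wg_conf "$@"; fi
```

Run it as root with the config path as the first argument; an optional second argument overrides the expected port.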