rename examples

example-full/home-server/wg0.conf

@@ -1,6 +1,6 @@
 [Interface]
 # Name = home-server.example-vpn.dev
-Address = 10.0.0.3/32
+Address = 10.0.44.3/32
 ListenPort = 51820
 PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo=
 DNS = 1.1.1.1
@@ -10,5 +10,5 @@ DNS = 1.1.1.1
 Endpoint = public-server1.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
 # routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 10.0.44.1/24
 PersistentKeepalive = 25

example-full/laptop/wg0.conf

@@ -1,6 +1,6 @@
 [Interface]
 # Name = laptop.example-vpn.dev
-Address = 10.0.0.4/32
+Address = 10.0.44.4/32
 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=
 DNS = 1.1.1.1
 
@@ -9,5 +9,5 @@ DNS = 1.1.1.1
 Endpoint = public-server1.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
 # routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 10.0.44.1/24
 PersistentKeepalive = 25

example-full/phone/wg0.conf

@@ -1,6 +1,6 @@
 [Interface]
 # Name = phone.example-vpn.dev
-Address = 10.0.0.5/32
+Address = 10.0.44.5/32
 PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw=
 DNS = 1.1.1.1
 
@@ -9,5 +9,5 @@ DNS = 1.1.1.1
 Endpoint = public-server1.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
 # routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 10.0.44.1/24
 PersistentKeepalive = 25

example-full/public-server1/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-full/public-server1/wg0.conf

@@ -1,6 +1,6 @@
 [Interface]
 # Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
+Address = 10.0.44.1/24
 ListenPort = 51820
 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
 DNS = 1.1.1.1
@@ -9,20 +9,20 @@ DNS = 1.1.1.1
 # Name = public-server2.example-vpn.dev
 Endpoint = public-server2.example-vpn.dev:51820
 PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
+AllowedIPs = 10.0.44.2/32
 
 [Peer]
 # Name = home-server.example-vpn.dev
 Endpoint = home-server.example-vpn.dev:51820
 PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
+AllowedIPs = 10.0.44.3/32
 
 [Peer]
 # Name = laptop.example-vpn.dev
 PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
+AllowedIPs = 10.0.44.4/32
 
 [Peer]
 # Name = phone.example-vpn.dev
 PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32
+AllowedIPs = 10.0.44.5/32

example-full/public-server2/wg0.conf

@@ -1,6 +1,6 @@
 [Interface]
 # Name = public-server2.example-vpn.dev
-Address = 10.0.0.2/32
+Address = 10.0.44.2/32
 ListenPort = 51820
 PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220=
 DNS = 1.1.1.1
@@ -10,5 +10,5 @@ DNS = 1.1.1.1
 Endpoint = public-server1.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
 # routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 10.0.44.1/24
 PersistentKeepalive = 25

example-internet-browsing-vpn/laptop/wg0.conf

@@ -1,13 +1,12 @@
 [Interface]
 # Name = laptop.example-vpn.dev
-Address = 10.0.0.4/32
+Address = 10.0.44.2/32
 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=
 DNS = 1.1.1.1
 
 [Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
+# Name = server.example-vpn.tld
+Endpoint = server.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 0.0.0.0/0, ::/0
 PersistentKeepalive = 25

example-internet-browsing-vpn/phone/wg0.conf

@@ -1,13 +1,12 @@
 [Interface]
 # Name = phone.example-vpn.dev
-Address = 10.0.0.5/32
+Address = 10.0.44.3/32
 PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw=
 DNS = 1.1.1.1
 
 [Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
+# Name = server.example-vpn.tld
+Endpoint = server.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 0.0.0.0/0, ::/0
 PersistentKeepalive = 25

example-internet-browsing-vpn/server/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-internet-browsing-vpn/server/wg0.conf

@@ -1,28 +1,18 @@
 [Interface]
-# Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
+# Name = server.example-vpn.tld
+Address = 10.0.44.1/24
 ListenPort = 51820
 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
 DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server2.example-vpn.dev
-Endpoint = public-server2.example-vpn.dev:51820
-PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
-
-[Peer]
-# Name = home-server.example-vpn.dev
-Endpoint = home-server.example-vpn.dev:51820
-PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
+PostUp = sysctl -w net.ipv4.ip_forward=1
+PostUp = sysctl -w net.ipv6.conf.all.forwarding=1
 
 [Peer]
 # Name = laptop.example-vpn.dev
 PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
+AllowedIPs = 10.0.44.2/32
 
 [Peer]
 # Name = phone.example-vpn.dev
 PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32
+AllowedIPs = 10.0.44.3/32

example-lan-briding/montreal/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-lan-briding/montreal/wg0.conf

@@ -1,28 +1,26 @@
 [Interface]
-# Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
+# Name = montreal.example-vpn.tld
+# LAN = 192.168.1.1/24
+Address = 10.0.44.1/24
 ListenPort = 51820
 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
 DNS = 1.1.1.1
+PostUp = sysctl -w net.ipv4.ip_forward=1
+PostUp = sysctl -w net.ipv6.conf.all.forwarding=1
+PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+
 
 [Peer]
-# Name = public-server2.example-vpn.dev
-Endpoint = public-server2.example-vpn.dev:51820
+# Name = newyork.example-vpn.dev
+# LAN = 192.168.2.1/24
+Endpoint = newyork.example-vpn.dev:51820
 PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
+AllowedIPs = 10.0.44.2/32, 192.168.2.1/24
 
 [Peer]
-# Name = home-server.example-vpn.dev
-Endpoint = home-server.example-vpn.dev:51820
+# Name = vancouver.example-vpn.dev
+# LAN = 192.168.3.1/24
+Endpoint = vancouver.example-vpn.dev:51820
 PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
-
-[Peer]
-# Name = laptop.example-vpn.dev
-PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
-
-[Peer]
-# Name = phone.example-vpn.dev
-PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32
+AllowedIPs = 10.0.44.3/32, 192.168.3.1/24

example-lan-briding/newyork/wg0.conf

@@ -1,14 +1,26 @@
 [Interface]
-# Name = public-server2.example-vpn.dev
-Address = 10.0.0.2/32
+# Name = newyork.example-vpn.dev
+# LAN = 192.168.2.1/24
+Address = 10.0.44.2/32
 ListenPort = 51820
 PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220=
 DNS = 1.1.1.1
+PostUp = sysctl -w net.ipv4.ip_forward=1
+PostUp = sysctl -w net.ipv6.conf.all.forwarding=1
+PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+
 
 [Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
+# Name = montreal.example-vpn.dev
+# LAN = 192.168.1.1/24
+Endpoint = montreal.example-vpn.dev:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
-PersistentKeepalive = 25
+AllowedIPs = 10.0.44.1/32, 192.168.1.1/24
+
+[Peer]
+# Name = vancouver.example-vpn.dev
+# LAN = 192.168.3.1/24
+Endpoint = vancouver.example-vpn.dev:51820
+PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
+AllowedIPs = 10.0.44.3/32, 192.168.3.1/24

example-lan-briding/vancouver/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-lan-briding/vancouver/wg0.conf

@@ -1,28 +1,26 @@
 [Interface]
-# Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
+# Name = vancouver.example-vpn.tld
+# LAN = 192.168.3.1/24
+Address = 10.0.44.3/24
 ListenPort = 51820
-PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
+PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo=
 DNS = 1.1.1.1
+PostUp = sysctl -w net.ipv4.ip_forward=1
+PostUp = sysctl -w net.ipv6.conf.all.forwarding=1
+PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
 
-[Peer]
-# Name = public-server2.example-vpn.dev
-Endpoint = public-server2.example-vpn.dev:51820
-PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
 
 [Peer]
-# Name = home-server.example-vpn.dev
-Endpoint = home-server.example-vpn.dev:51820
-PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
+# Name = montreal.example-vpn.dev
+# LAN = 192.168.1.1/24
+Endpoint = montreal.example-vpn.dev:51820
+PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
+AllowedIPs = 10.0.44.1/32, 192.168.1.1/24
 
 [Peer]
-# Name = laptop.example-vpn.dev
-PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
-
-[Peer]
-# Name = phone.example-vpn.dev
-PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32
+# Name = newyork.example-vpn.dev
+# LAN = 192.168.2.1/24
+Endpoint = newyork.example-vpn.dev:51820
+PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
+AllowedIPs = 10.0.44.2/32, 192.168.2.1/24

example-simple-client-to-server/client/wg0.conf

@@ -1,13 +1,12 @@
 [Interface]
 # Name = laptop.example-vpn.dev
-Address = 10.0.0.4/32
+Address = 10.0.44.2/32
 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=
 DNS = 1.1.1.1
 
 [Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
+# Name = server.example-vpn.tld
+Endpoint = server.example-vpn.tld:51820
 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
+AllowedIPs = 10.0.44.1/24
 PersistentKeepalive = 25

example-simple-client-to-server/server/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-simple-client-to-server/server/wg0.conf

@@ -1,28 +1,11 @@
 [Interface]
 # Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
+Address = 10.0.44.1/24
 ListenPort = 51820
 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
 DNS = 1.1.1.1
 
 [Peer]
-# Name = public-server2.example-vpn.dev
-Endpoint = public-server2.example-vpn.dev:51820
-PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
-
-[Peer]
-# Name = home-server.example-vpn.dev
-Endpoint = home-server.example-vpn.dev:51820
-PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
-
-[Peer]
-# Name = laptop.example-vpn.dev
+# Name = client.example-vpn.dev
 PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
-
-[Peer]
-# Name = phone.example-vpn.dev
-PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32
+AllowedIPs = 10.0.44.2/32

example-simple-server-to-server/home-server/home-server.key

@@ -1 +0,0 @@
-WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo=

example-simple-server-to-server/home-server/home-server.key.pub

@@ -1 +0,0 @@
-8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=

example-simple-server-to-server/home-server/setup.sh

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-# install wireguard on FreeBSD
-pkg install wireguard
-
-# install wireguard on Ubuntu
-#add-apt-repository ppa:wireguard/wireguard
-#apt update
-#apt install wireguard

example-simple-server-to-server/home-server/wg0.conf

@@ -1,14 +0,0 @@
-[Interface]
-# Name = home-server.example-vpn.dev
-Address = 10.0.0.3/32
-ListenPort = 51820
-PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo=
-DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
-PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
-PersistentKeepalive = 25

example-simple-server-to-server/laptop/laptop.key

@@ -1 +0,0 @@
-OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=

example-simple-server-to-server/laptop/laptop.key.pub

@@ -1 +0,0 @@
-BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=

example-simple-server-to-server/laptop/setup.sh

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-# install wireguard on Ubuntu
-#add-apt-repository ppa:wireguard/wireguard
-#apt update
-#apt install wireguard
-
-# install wireguard on macOS
-brew install wireguard-tools

example-simple-server-to-server/laptop/wg0.conf

@@ -1,13 +0,0 @@
-[Interface]
-# Name = laptop.example-vpn.dev
-Address = 10.0.0.4/32
-PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=
-DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
-PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
-PersistentKeepalive = 25

example-simple-server-to-server/phone/phone.key

@@ -1 +0,0 @@
-WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw=

example-simple-server-to-server/phone/phone.key.pub

@@ -1 +0,0 @@
-VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=

example-simple-server-to-server/phone/setup.sh

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-# install wireguard on iOS/Android
-echo "Use the iOS App Store / Google Play Store to install WireGuard on your mobile device"

example-simple-server-to-server/phone/start.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-echo "Use the iOS/Android app to load the wg0.conf file and start Wireguard"

example-simple-server-to-server/phone/stop.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-echo "Use the iOS/Android app to load the wg0.conf file and stop Wireguard"

example-simple-server-to-server/phone/wg0.conf

@@ -1,13 +0,0 @@
-[Interface]
-# Name = phone.example-vpn.dev
-Address = 10.0.0.5/32
-PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw=
-DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
-PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
-PersistentKeepalive = 25

example-simple-server-to-server/public-server1/start.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-wg-quick up "$PEER_DIR"/wg0.conf
-wg show

example-simple-server-to-server/public-server1/stop.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-wg-quick down "$PEER_DIR"/wg0.conf
-wg show

example-simple-server-to-server/public-server1/wg0.conf

@@ -1,28 +0,0 @@
-[Interface]
-# Name = public-server1.example-vpn.tld
-Address = 10.0.0.1/24
-ListenPort = 51820
-PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
-DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server2.example-vpn.dev
-Endpoint = public-server2.example-vpn.dev:51820
-PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
-AllowedIPs = 10.0.0.2/32
-
-[Peer]
-# Name = home-server.example-vpn.dev
-Endpoint = home-server.example-vpn.dev:51820
-PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
-AllowedIPs = 10.0.0.3/32
-
-[Peer]
-# Name = laptop.example-vpn.dev
-PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
-AllowedIPs = 10.0.0.4/32
-
-[Peer]
-# Name = phone.example-vpn.dev
-PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
-AllowedIPs = 10.0.0.5/32

example-simple-server-to-server/public-server2/start.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-wg-quick up "$PEER_DIR"/wg0.conf
-wg show

example-simple-server-to-server/public-server2/stop.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-wg-quick down "$PEER_DIR"/wg0.conf
-wg show

example-simple-server-to-server/public-server2/wg0.conf

@@ -1,14 +0,0 @@
-[Interface]
-# Name = public-server2.example-vpn.dev
-Address = 10.0.0.2/32
-ListenPort = 51820
-PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220=
-DNS = 1.1.1.1
-
-[Peer]
-# Name = public-server1.example-vpn.tld
-Endpoint = public-server1.example-vpn.tld:51820
-PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
-# routes traffic to itself and entire subnet of peers as bounce server
-AllowedIPs = 10.0.0.1/24
-PersistentKeepalive = 25

example-simple-server-to-server/server1/setup.sh

@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf
 iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
-iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE

example-simple-server-to-server/server1/wg0.conf

@@ -0,0 +1,12 @@
+[Interface]
+# Name = server1.example-vpn.tld
+Address = 10.0.44.1/24
+ListenPort = 51820
+PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
+DNS = 1.1.1.1
+
+[Peer]
+# Name = server2.example-vpn.dev
+Endpoint = server2.example-vpn.dev:51820
+PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
+AllowedIPs = 10.0.44.2/32

example-simple-server-to-server/server2/wg0.conf

@@ -0,0 +1,12 @@
+[Interface]
+# Name = server2.example-vpn.dev
+Address = 10.0.44.2/32
+ListenPort = 51820
+PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220=
+DNS = 1.1.1.1
+
+[Peer]
+# Name = server1.example-vpn.tld
+Endpoint = server1.example-vpn.tld:51820
+PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
+AllowedIPs = 10.0.44.1/24