I had some more free time and an extra VPS not doing much, so I spent a few minutes setting up a Wireguard VPN, mostly by following a mixture of the official documents' quickstart instructions, and the instruction listed here.
Things that did not immediately occur to me and required some thought:
- Your VPN_IP as listed in the Server Side Up instructions is whatever you want to set it as. (Assumption is that you have some internal architecture/allocation structure, if you're setting this all up by hand for small batches of clients.)
- If you change the server config (wg0.conf) with the interface up, then restart it, it will likely overwrite whatever changes you just made. Shut the interface down first. before you make changes, then bring it back up.
- It's easy to get your private and public keys for the server and clients mixed up - when generating keys, make sure you keep things well segregated and well labeled.