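################################################## /etc/network/interfaces ##################################################
# ifupdown stanza that builds the WireGuard interface by hand instead of using wg-quick:
# create the link, assign the point-to-point tunnel addresses (192.168.2.1 local,
# 192.168.2.2 peer), load keys and peers from wg0.conf, then bring the link up.
# "down" deletes the link again.
# Comments are kept on lines of their own because ifupdown has no end-of-line comments.
auto wg0
iface wg0 inet manual
    pre-up ip link add dev wg0 type wireguard
    pre-up ip address add 192.168.2.1 peer 192.168.2.2 dev wg0
    pre-up wg setconf wg0 /etc/wireguard/wg0.conf
# Disabled in the original. NOTE(review): "pre-ip" is not an ifupdown keyword;
# "pre-up" was presumably meant if this route is ever re-enabled.
#pre-ip ip route add 192.168.2.0/24 via 192.168.2.1 dev wg0
    up ip link set up dev wg0
    down ip link del dev wg0

################################################## /etc/wireguard/wg0.conf ##################################################
# Loaded by the "wg setconf" call in the interfaces stanza.
# This file holds the interface private key: keep it owned by root and unreadable
# by other users (for example mode 0600).
[Interface]
# The key below is printed on a public page, so treat it as an example only.
# Generate a fresh key pair per host (wg genkey, then wg pubkey) and never reuse this value.
PrivateKey = AFaE+LRBfoHPw9GP8bKc3RWpwRS89XOTGJ0M+y97QWA=
ListenPort = 41920

[Peer]
PublicKey = AFVhZA5OrB58IsB7tLySvZ9g6YgLECyGujSCkRSADE8=
# Placeholder: replace $ENDPOINT_IP_HERE with the real address of the other side.
Endpoint = $ENDPOINT_IP_HERE:41920
# NOTE(review): 0.0.0.0/0 already contains 192.168.2.0/24, so the second entry is redundant.
# AllowedIPs is also the inbound source filter: with 0.0.0.0/0 the peer may send packets
# with any source address through the tunnel. If this file is for the NAT gateway side,
# narrowing it to the peer's tunnel address (192.168.2.2/32) is the least-privilege choice;
# confirm which side this listing describes before changing it.
AllowedIPs = 0.0.0.0/0, 192.168.2.0/24
# Seconds between keepalive packets.
PersistentKeepalive = 21

################################################## /etc/rc.local ##################################################
#!/bin/sh -e
# Boot-time NAT and port forwarding for the WireGuard peer at 192.168.2.2.
#
# $IP_OF_THIS_ENDPOINT is a placeholder for this host's public IPv4 address: either
# replace it textually or assign the variable before the rules below.
# -e is repeated here so it still applies when the file is run as "sh /etc/rc.local";
# -u aborts with a clear message if the placeholder was left as an unset variable.
set -eu

# NAT stuff
# Rewrite the source of tunnel traffic to the public address of this host.
# NOTE(review): the first rule matches every packet from 192.168.2.0/24 on any output
# interface, so the two narrower rules after it are never reached for those packets.
# If the intent is "SNAT only what leaves through a non-tunnel interface", the third
# rule alone expresses that.
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j SNAT --to-source "$IP_OF_THIS_ENDPOINT"
iptables -t nat -A POSTROUTING -s 192.168.2.2 -j SNAT --to-source "$IP_OF_THIS_ENDPOINT"
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 ! -o wg0 -j SNAT --to-source "$IP_OF_THIS_ENDPOINT"

# Forwarding ports
# Publish TCP and UDP ports 57000-57010 of the public address on the peer. The DNAT
# rules have no source restriction, so these ports are reachable from any address.
# The FORWARD rules only add ACCEPTs for traffic towards 192.168.2.2; the FORWARD
# policy, rules for reply traffic and net.ipv4.ip_forward are not set in this file
# and have to be configured elsewhere.
iptables -t nat -A PREROUTING -d "$IP_OF_THIS_ENDPOINT" -j DNAT --to-destination 192.168.2.2 -p tcp --dport 57000:57010
iptables -A FORWARD -d 192.168.2.2 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -p tcp --dport 57000:57010
iptables -t nat -A PREROUTING -d "$IP_OF_THIS_ENDPOINT" -j DNAT --to-destination 192.168.2.2 -p udp --dport 57000:57010
iptables -A FORWARD -d 192.168.2.2 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -p udp --dport 57000:57010

exit 0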