move examples to folders

example-simple-client-to-server/client/laptop.key

@@ -0,0 +1 @@
+OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=

example-simple-client-to-server/client/laptop.key.pub

@@ -0,0 +1 @@
+BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=

example-simple-client-to-server/client/setup.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+# install wireguard on Ubuntu
+#add-apt-repository ppa:wireguard/wireguard
+#apt update
+#apt install wireguard
+
+# install wireguard on macOS
+brew install wireguard-tools

example-simple-client-to-server/client/start.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+wg-quick up "$PEER_DIR"/wg0.conf
+wg show

example-simple-client-to-server/client/stop.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+wg-quick down "$PEER_DIR"/wg0.conf
+wg show

example-simple-client-to-server/client/wg0.conf

@@ -0,0 +1,13 @@
+[Interface]
+# Name = laptop.example-vpn.dev
+Address = 10.0.0.4/32
+PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o=
+DNS = 1.1.1.1
+
+[Peer]
+# Name = public-server1.example-vpn.tld
+Endpoint = public-server1.example-vpn.tld:51820
+PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=
+# routes traffic to itself and entire subnet of peers as bounce server
+AllowedIPs = 10.0.0.1/24
+PersistentKeepalive = 25

example-simple-client-to-server/server/public-server1.key

@@ -0,0 +1 @@
+2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=

example-simple-client-to-server/server/public-server1.key.pub

@@ -0,0 +1 @@
+q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE=

example-simple-client-to-server/server/setup.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# install wireguard
+add-apt-repository ppa:wireguard/wireguard
+apt update
+apt install wireguard
+
+# to enable kernel relaying/forwarding ability on bounce servers
+echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
+echo "net.ipv4.conf.all.proxy_arp" >> /etc/sysctl.conf
+sudo sysctl -p /etc/sysctl.conf
+
+# to add iptables forwarding rules on bounce servers
+iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT
+iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE

example-simple-client-to-server/server/start.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+wg-quick up "$PEER_DIR"/wg0.conf
+wg show

example-simple-client-to-server/server/stop.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+wg-quick down "$PEER_DIR"/wg0.conf
+wg show

example-simple-client-to-server/server/wg0.conf

@@ -0,0 +1,28 @@
+[Interface]
+# Name = public-server1.example-vpn.tld
+Address = 10.0.0.1/24
+ListenPort = 51820
+PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ=
+DNS = 1.1.1.1
+
+[Peer]
+# Name = public-server2.example-vpn.dev
+Endpoint = public-server2.example-vpn.dev:51820
+PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s=
+AllowedIPs = 10.0.0.2/32
+
+[Peer]
+# Name = home-server.example-vpn.dev
+Endpoint = home-server.example-vpn.dev:51820
+PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg=
+AllowedIPs = 10.0.0.3/32
+
+[Peer]
+# Name = laptop.example-vpn.dev
+PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js=
+AllowedIPs = 10.0.0.4/32
+
+[Peer]
+# Name = phone.example-vpn.dev
+PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A=
+AllowedIPs = 10.0.0.5/32