IPv6 setup is incomplete

[TheReverend403]

While you mention the sysctl and iptables setup needed for ipv4, no such documentation is mentioned for IPv6 tunneling.

IPv6 forwarding can be enabled with net.ipv6.conf.all.forwarding

Also, net.ipv4.conf.all.proxy_arp is not necessary at all.

Also also, you can bypass sysctl entirely by just adding IPForward=yes to your public interface's networkd config, assuming you're using systemd.

Finally, if you're using systemd >= 241, you can make the whole process a hell of a lot easier by just using networkd's native wireguard support, like so. (See the official docs on this for further reading)

# /etc/systemd/network/30-wg0.netdev

[NetDev]
Name=wg0
Kind=wireguard
Description=WireGuard

[WireGuard]
PrivateKey=<key>
ListenPort=51820

[WireGuardPeer]
PublicKey=<key>
AllowedIPs=10.8.0.2/32, fd42:42:42::2/128
PersistentKeepalive=25

# /etc/systemd/network/30-wg0.network

[Match]
Name=wg0

[Network]
Address=10.8.0.1/24
Address=fd42:42:42::1/64

[pirate]

Great suggestions, thanks! I use netplan personally which is why I think I missed those docs initially. If you want to PR some changes I'd be happy to accept them! Otherwise it might take a while as I usually test config stuff personally before adding it, and my setup is working nicely right now so I might not get around to it for a few weeks.

[ghost]

Automated Script:

https://github.com/complexorganizations/wireguard-install

@TheReverend403

[TheReverend403]

Automated Script:

https://github.com/complexorganizations/wireguard-install

@TheReverend403

I don't need a setup, I already have multiple working wireguard servers. Thanks though :)