WireGuard

A simple way of peering two nodes. Only one side needs the other's address and port (the endpoint), although both sides can define one. When one node is behind a firewall or NAT, that node is the one defined with only a public key and address on the other side, because the node behind the firewall or NAT initiates the connection.

wg set wg0 peer [PEER PUBLICKEY] allowed-ips 10.0.0.2/32 endpoint 88.123.123.123:58842
wg set wg0 peer [PEER PUBLICKEY] allowed-ips 10.0.0.1/32 persistent-keepalive 25

Examples

How to set up a WireGuard connection

These are just example commands.

When the machine has no WireGuard config yet, you first have to create one.

Generate the keys. Set a restrictive umask first so the private key file is never created world-readable.

cd /etc/wireguard/ && umask 077 && wg genkey | tee privatekey | wg pubkey > publickey

Create a wg0.conf and add the private key to it. The file then contains the private key, so keep it readable by root only.

[Interface]
Address = 10.0.0.2/32
SaveConfig = true
ListenPort = 58842
PrivateKey = [PRIVATE KEY]

Start the WireGuard interface

wg-quick up wg0

Adding peers

Add peer Server2 on Server1

wg set wg0 peer Y0St1w+XuUimvf9mUNgtiMTiYkPoFbj2Eztsg/QEk= allowed-ips 10.0.0.2/32 endpoint 45.150.79.100:58842 persistent-keepalive 25

Add peer Server1 on Server2

wg set wg0 peer dQc1A++IqK6jZbR70VyWKl7D1dzrmyOSuV6GxSY= allowed-ips 10.0.0.1/32

Removing a peer from the command line

wg set wg0 peer [PEER PUBLICKEY] remove
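
A pre-flight check for the values used in the commands above, as an added example that is not part of the original notes: it rejects a public key that is not a 44-character base64 key, an Address or allowed-ips value that is not a valid IPv4 CIDR, and a private key file that group or others can access, and only then prints the wg set command. The function names, the placeholder key and the 192.0.2.10 endpoint are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original notes. All sample values are constructed.

# A WireGuard key is 32 bytes in base64: 43 characters plus one "=".
# The 43rd character carries only 4 key bits, so it is one of 16 values.
valid_wg_key() {
    [ "${#1}" -eq 44 ] &&
        printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9+/]{42}[AEIMQUYcgkosw048]=$'
}

# Address / allowed-ips value: IPv4 dotted quad, octets 0-255, prefix 0-32.
valid_ipv4_cidr() {
    cidr=$1
    case $cidr in */*) ;; *) return 1 ;; esac
    ip=${cidr%/*}; prefix=${cidr#*/}
    case $ip in ''|*[!0-9.]*|*.) return 1 ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# True only when group and others have no permissions on the key file.
key_file_private() {
    [ "$(ls -ld -- "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# Print the wg set command only if the peer's key and allowed-ips are valid.
# An endpoint is given on the side that initiates (the one behind NAT).
peer_cmd() {  # usage: peer_cmd IFACE PUBKEY ALLOWED_IP [ENDPOINT]
    valid_wg_key "$2"    || { echo "bad public key: $2" >&2; return 1; }
    valid_ipv4_cidr "$3" || { echo "bad allowed-ips: $3" >&2; return 1; }
    echo "wg set $1 peer $2 allowed-ips $3${4:+ endpoint $4 persistent-keepalive 25}"
}

# Constructed placeholder key: 43 "0" characters plus "=" (valid in form only).
KEY=$(printf '%043d=' 0)
peer_cmd wg0 "$KEY" 10.0.0.2/32 192.0.2.10:58842
peer_cmd wg0 "$KEY" 10.0.0.1/32
peer_cmd wg0 "$KEY" 10.0.0.257/32 || true   # rejected: octet above 255
key_file_private /etc/wireguard/privatekey ||
    echo "privatekey is missing or accessible to group/others" >&2
```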