Hi, so been working on this for a week but not really happy with the solutions I find as they seem to be done by induviduals who rely heavily on ai. I got wireguard easy going and can remotly connect which is great but id love to be able to route any internet traffic to and from the wireguard clients to go though another server while filtering my local onsite services. Felt that if i can crack this i dont need to rely on tailscale. The end goal is to have no reliance on tailscale as i am preparing for the eventual enshitification.
I've started working on something very similar ( Client -> Wireguard -> homeserver -> Mullvad -> Internet), but didn't get too far and saved the project for later. IIRC, I had issues defining more clearly in the post-up / post-down hooks which traffic was supposed to go where. Upon bringing up the tunnel to Mullvad, I'd lose SSH access instantaneously. I'll watch this thread closely and contribute once I get around to tackle the issue sometime this summer.
Yes! Thats the issue im having. I can make wireguard clients connect to mullvad and work but once i try to split tunnel through the post up down hooks i get stuck. Glad im not alone there. The conversations here i wonder if there is an issue with (if your using gluetun) iptables and the wireguard easy nftables. But yes so glad im not alone here with the weird fuckery :-) ill be honest im prob going to try a spin up headscale. Looking online it seems like its the most mature answer and the roads well worn. Just feel its might burn more resources than this would.