This looks great, thanks! One quick note: one often-unnoticed thing that OpenVPN currently has in its favor is how robust it is in the face of users with different sets of needs or competency levels.
This comes out in, for example, the "Accessing your home LAN" part of your article. It has a bunch of iptables magic that I understand, but presumably shouldn't have to in order to use WireGuard. Actually, the device that makes the most sense to use as a WireGuard server is my router, which is based on BSD; so presumably I'd need modify your commands to get this working on my OS! With OpenVPN, on the other hand, I can literally install a package for my firewall (OPNsense) and it's all done for me with a few clicks. That's what I mean by robustness: I'm capable of getting OpenVPN working on just about any computer, including my GUI based BSD router. WireGuard just doesn't have that yet.
This comes out in, for example, the "Accessing your home LAN" part of your article. It has a bunch of iptables magic that I understand, but presumably shouldn't have to in order to use WireGuard. Actually, the device that makes the most sense to use as a WireGuard server is my router, which is based on BSD; so presumably I'd need modify your commands to get this working on my OS! With OpenVPN, on the other hand, I can literally install a package for my firewall (OPNsense) and it's all done for me with a few clicks. That's what I mean by robustness: I'm capable of getting OpenVPN working on just about any computer, including my GUI based BSD router. WireGuard just doesn't have that yet.