This is exactly what I wish we got more of from blog posts. It covers all the things for a real-world complex yet simplified (as much as possible without negating the value of the tutorial by skipping important steps) and does some really cool things like run GUI apps in containers by passing in the Wayland display socket (and a serious GUI app - an RDP client connecting to a remote machine over the wg tunnel, and a browser (Firefox) with audio!), access the host SSH agent, set up a real-world WireGuard tunnel that does IP forwarding, etc.
OP, I hadn't heard of Custodibus before, but it sounds useful and I love that there's a GPL community version. I'll be testing it out and you may have also won yourself a customer, gatewayed from this blog post :-)
But super cool; there's something really appealing about creating what I would call thin clients in containers - this should even make it easy to have, say, multiple browsers open, each on a different network.
My current one is quite a bit different (based on Debian instead of Ubuntu, additional steps to make VR work, and some other changes) but the parts related to sockets etc. are the same.
Direct link to Gist for any other interested people: https://gist.github.com/Arnavion/81006757190c29aa0b24c674e24...