WireGuard and lsyncd to sync a directory.
install wireguard
apt install wireguard / pacman install wireguard-tools
generate keypairs
wg genkey | tee server_private.key | wg pubkey > server_public.key
Server config file /etc/wireguard/wg0.conf
[Interface]
PrivateKey = <server_private_key>
Address = 10.11.12.1/24
ListenPort = 51820
[Peer]
PublicKey = <client1_public_key>
AllowedIPs = 10.11.12.2/32
[Peer]
PublicKey = <client2_public_key>
AllowedIPs = 10.11.12.3/32
# Repeat for all clients...
Server iptables
sudo iptables -A FORWARD -i wg0 -j ACCEPT
sudo iptables -A FORWARD -o wg0 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -s 10.11.12.0/24 -o eth0 -j MASQUERADE
Client iptables
sudo iptables -A PREROUTING -p tcp -m tcp --dport 2222 -j DNAT --to-destination 10.11.12.3:22
sudo iptables -A POSTROUTING -d 10.11.12.X/32 -p tcp -m tcp --dport 22 -j MASQUERADE