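# WireGuard client configuration, read by wg-quick (DNS, SaveConfig, PostUp and
# PreDown are wg-quick keys).
# This file holds the interface's private key: keep it owned by root with
# mode 600, and never share or commit it with the key filled in.

# [Interface] is specific to the local interface you are connecting to
# WireGuard WITH.
[Interface]
# Tunnel address of this client. It must match the corresponding peer entry
# in the server's wg0.conf file, or packets will be dropped.
Address = 172.16.79.2/32

# To prevent DNS leaks, set this to the address of the WireGuard server that
# handles DNS requests. Be sure to install bind9 on that server.
DNS = 172.16.79.1

# If set to true, wg-quick rewrites this file from the live interface state on
# shutdown, and these comments and hand-made settings could vanish.
SaveConfig = false

# Local UDP port this interface listens on. It is kept identical to the
# server's listen port here. The value that has to match the server's listen
# port (and be allowed through the server's firewall) is the port in Endpoint
# below; otherwise packets will be dropped.
ListenPort = 12208

# Kill switch: rejects every outgoing packet that is not leaving through the
# tunnel interface (%i), does not carry the tunnel's fwmark, and is not
# addressed to a local address. This also blocks outside DNS.
# If bind9 is not properly set up on the server, these rules will keep you
# offline; ping your DNS server to verify connectivity.
# Resources on your home network are unreachable until you disconnect.
# NOTE: iptables filters IPv4 only. On a host with IPv6 connectivity, add the
# equivalent ip6tables rules or disable IPv6, or IPv6 traffic can bypass the
# tunnel.
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

# Firewall mark used for the routing tables and matched by the kill switch
# above. In this file it is the listen port written in hexadecimal
# (12208 = 0x2fb0).
FwMark = 0x2fb0

# Private key of THIS interface, which should have been saved in
# /etc/wireguard/interface_private.key. To view it, open a privileged nano or
# xed session pointing to that path. Left blank on purpose: paste your own key.
PrivateKey =

# [Peer] points to your designated WireGuard SERVER.
[Peer]
# Public key of your server. Left blank on purpose.
PublicKey =

# For internet access to pass through the tunnel you need the null netmask
# (0.0.0.0/0). To communicate with other WireGuard devices on the same
# network, also include the network CIDR. Only IPv4 is routed here.
AllowedIPs = 0.0.0.0/0, 172.16.79.0/27

# Public IP address and port of the internet-facing NIC on your WireGuard
# server. Use ifconfig on the server to determine the address. The address
# below is only an example (it resolves to 'digitalocean.com'); replace it.
Endpoint = 104.16.181.15:12208

# Interval in seconds at which this interface sends a keepalive packet to the
# server, so the connection stays open through NAT and stateful firewalls.
# 15 to 25 seconds is usually fine.
PersistentKeepalive = 25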