I don’t really understand how you set your tunnel. Let me see if I understand:
- At work, you have a Debian server running a CMS and it will potentially run GitLab / Gitea / *git* server
- At work, you have a RPi that you have Wireguard (Pi-VPN) running on
- At home, you have a laptop running Fedora 35 that you use to connect to the Pi at work
Am I correct?
In any case, to answer your other question: traffic will be redirected to your work only depending on how you set your “client” conf (the configuration on your home computer running Fedora). That can be easily changed by just switching:
AllowedIPs = 0.0.0.0/0
## this is the full traffic redirect through the tunnel ##
to
AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
## this is called a "split-tunnel," where only traffic going to ##
## the specified IPs or subnets above will be redirected ##
## through the tunnel, the rest of the traffic, to say, hulu, ##
## will go through your normal (default) gateway ##
To test what IP address hulu and Internet entities see from you, you can run in a terminal on both the RPi and on your home PC this command:
curl https://ifconfig.me/ip
If the IP address is the same on both computers, that means your tunnel on your Fedora client is set to encapsulate all traffic and send it through your work’s RPi internet connection. If you see 2 different IPs, that means the tunnel is split and the only traffic going through the Wireguard tunnel will be aimed at the CMS or whatever other IP or subnet you set in your wg tunnel conf.