One thing that isn't quite clear to me after a quick peruse of the website - say I'd like to use WireGuard as a VPN for my general personal internet security. I guess I'd need a server running somewhere with a WireGuard server, and then the iOS client - is that correct? i.e. it's not something like a SOCKS tunnel where I just need ssh at the other end.
Yes, if by personal security you mean encryption of all your traffic with anonymity only towards your LAN/ISP; since your server's IP will be the sole egress point.
If you're looking for anonymity as well I would recommend you take a look at Mullvad [0] who offer a great service with full Wireguard support [1].
I've ran Wireguard on a $5 DO Droplet for a while, but decided to support Mullvad instead and get the benefit of their infrastructure for the same monthly price.
Not a plug or anything I just genuinely am impressed by the performance and ease of use. For transparency's sake, AzireVPN is their primary competitor in the Wireguard space.
[1] gives a very good rundown of what you need to do to make it work. It is actually very trivial (once you've got wireguard.ko). Just generate a key, and cross-copy the public halves.
However configuration to make forwarding of all packets and thus making it usable as a full VPN requires a few extra steps on the server:
Like anything else, you need an appropriate server at the other end.
For SOCKS, that would be a SOCKS server (not sshd). (ssh <-> sshd happens to have an option to spawn a limited SOCKS server, but it is not the only SOCKS server in existence.)
