Reference: https://www.linode.com/docs/networking/vpn/how-to-set-up-tinc-peer-to-peer-vpn/

It is expected that you will duplicate this directory and its contents.

These config values mean the following:
  - area11: hostname for the box you'll be connecting to the mesh
  - terracrypt: name of the mesh network
  - grandline: hostname for the mesh gateway

Install and initial setup:

  sudo apt install tinc
  sudo mkdir -p /etc/tinc/terracrypt/hosts

  # generates keypair: /etc/tinc/terracrypt/rsa_key.priv
  #                    /etc/tinc/terracrypt/hosts/area11
  # by default uses system hostname to name the public key file
  sudo tincd -n terracrypt -K 4096

Modify these files:

  - /etc/tinc/terracrypt/tinc.conf
    - change hostname from area11 to the filename in /etc/tinc/terracrypt/hosts/
    - [OPTIONAL] change ConnectTo to the name of a file in /etc/tinc/terracrypt/hosts

  - /etc/tinc/terracrypt/hosts/area11
    - Add this line to the beginning: "Subnet = 10.4.x.y/32"
    - Coordinate with network owner to determine your IP

  - Make sure /etc/tinc/terracrypt/tinc-{up,down} are executable
    - sudo chmod +x /etc/tinc/terracrypt/tinc-*

Send public key file to network owner and get them to install it:

  /etc/tinc/terracrpyt/hosts/area11

Test:

  sudo tincd -n terracrypt -D -d3

Enable on boot and run:

  sudo systemctl enable tinc
  sudo systemctl start tinc