It's not really clear exactly what you want.

When you're at home, and for services running on your home server, it you want everything to go through the remote wireguard server then that's achievable.

However, if you want to be able to access services running on your home server, while you're not at home, via that remote wireguard server, that generally requires port forwarding which commercial providers generally don't offer.

Can you clarify ?

I want to make sure I understand your goal correctly.
Here's what I'm getting.

1. You have a wire guard connection that you want to use for outbound traffic from your local LAN.
2. You have a Debian box that serves at the client in this situation.

Here's the part where I'm a little fuzzy

1. You want to connect to your local LAN using another wire guard connection and have WAN requests routed from clients connecting to your LAN (via wire guard) out the wire guard connection mentioned in #1.

Did I get any part of that wrong?

Edit: NVM. I saw your response to another comment that sounds like this is exactly what you want.

This should be achievable via routing. I actually do the same thing. The main difference is all the work is done on my router which handles both wire guard connections and routing.

At the minimim you're going to need:

• A NAT rule on your local router to port forward incoming wire guard requests on the WAN to your Debian box. **Assuming the Debian box is also the wire guard server.
• An iptables DSTNAT rule on your Debian box to route local traffic to the LAN gateway.
• An iptables DSTNAT rule on your Debian box to route outbound WAN traffic that does NOT originate from your Debian box to the gateway at the other end of the outbound wire guard connection.

You can set this up with your router connecting to the remote server and routing your client traffic through there instead of the gateway your router is using for WAN.

Specifics are router... Specific.

You can do the same with a vm in your network acting as a router or proxy as well, pick your poison.

If I'm understanding what you want to do, I have this set up on an OpenWRT router with multiple remote endpoints used for different devices. Our phones go to a hosted Wireguard server in one city, PCs to an OpenWRT router in a different location, and IOT devices that aren't blocked and guest devices exit access the Internet locally. With some additional work you should also be able to have remote devices connected via WG exit wherever you like.

Policy Based Routing on OpenWRT makes this possible and it should be doable as long as the devices you want to allow to exit the remote server are included in that server's "Allowed IPs" setting. (Maybe there's a way around that, but I haven't had to deal with it.)