Wireguard container as a VPN router

You are looking for an http(s) proxy. The computers would connect to the proxy, the proxy would then send all of the web traffic from the connected systems through WireGuard or openvpn.

I am not aware of an all in one docker for this but if it exists someone else may know about it. It may be possible to build this setup using a small VM though on which you run a proxy like squid and WireGuard or openvpn or perhaps by separate squid and WireGuard dockers that are configured to work together.

It’s not something I have looked into in depth myself so I can’t give you the details.

No, I don't think you grasp the concept quite right or are confusing proxy with reverse-proxy. Your router is the gateway for you LAN to the internet. If your router is picking up a gateway from your ISP, that is telling it where to send it's traffic to get to the next network segment.

Change the gateway on your machines and they won't sent web traffic to your router. Change the gateway that your router picked up from your ISP and it won't send it's traffic on to the next place it needs to go, unless that change directs it to a VPN proxy that your ISP is offering, and If they were offering what you are asking about, you wouldn't be here asking.

If you look in the setup of every browser, there is a proxy section. This is designed to direct web traffic to a different location instead of your normal router gateway, this other location would be the one running the proxy server and routing the traffic out through the VPN.

If you want normal access on some machines and vpn access that you can tell certain machines to use, the only way to do what you are asking about where select traffic from some systems is routed through a single vpn tunnel is with a proxy feeding a vpn and then out through the gateway for your network and on through the gateway of your ISP. If you have a really advanced enterprise grade router, this may be built in, but I doubt you have that, in which case it's back to the proxy/vpn local setup.

Proxy is not difficult or complex. It just acts as an alternative location to send web traffic before sending it on to the next node, be that your gateway or a vpn connection. Proxies were originially designed as a way to cache data locally and save internet bandwidth in the early days and then for security side of things since they are an extra layer of isolation, but thier usage for those purposes are not really a thing anymore.

Your inital query about the mentioning VPN/router is almost right, but a setup with a router like that would most likely be a lot more complicated because you would have to run a router software with the vpn client built in instead of an http(s) proxy feeding a vpn client, which would then require possibly dealing with double NAT issues, port forwarding issues, firewall issues, etc., if you are already implementing any thing like that in your hardware router. http(s) proxy is simpler, and will work exactly how you want, you would just need to set the browser proxy setting on your systems, not the network gateway setting.

Think of the proxy setup as effecting web traffic only, but the gateway setup effecting is all network traffic that is trying to cross into the next network segment