Fix WireGuard AllowedIPs for proper mesh networking

Change from /32 single-IP restrictions to full network range for all peers.
This enables proper all-to-all mesh communication while maintaining
security through preshared keys.
Dominik Moritz Roth 2025-08-24 17:54:35 +02:00
parent 12e8546023
commit 402d997599


@ -219,14 +219,14 @@ EOF
echo -e "${YELLOW}[+] Requesting cluster to add this node as peer...${NC}"
# SSH to cluster node and add peer (requires SSH key setup)
ssh_cmd="wg set ${WG_INTERFACE} peer ${public_key} preshared-key <(echo ${preshared_key}) allowed-ips ${my_ip}/32 persistent-keepalive 25"
ssh_cmd="wg set ${WG_INTERFACE} peer ${public_key} preshared-key <(echo ${preshared_key}) allowed-ips ${WG_NETWORK} persistent-keepalive 25"
echo -e "${YELLOW}Run this command on the cluster node (10.10.0.1) to add this peer:${NC}"
echo -e "${GREEN}sudo wg set ${WG_INTERFACE} peer ${public_key} preshared-key <(echo ${preshared_key}) allowed-ips ${my_ip}/32 persistent-keepalive 25${NC}"
echo -e "${GREEN}sudo wg set ${WG_INTERFACE} peer ${public_key} preshared-key <(echo ${preshared_key}) allowed-ips ${WG_NETWORK} persistent-keepalive 25${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"[Peer]\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"PublicKey = ${public_key}\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"PresharedKey = ${preshared_key}\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"AllowedIPs = ${my_ip}/32\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"AllowedIPs = ${WG_NETWORK}\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
echo -e "${GREEN}sudo bash -c 'echo \"PersistentKeepalive = 25\" >> /etc/wireguard/${WG_INTERFACE}.conf'${NC}"
read -p "Press enter once you've added this peer to the cluster node..."
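Review bot: The new `allowed-ips ${WG_NETWORK}` on the cluster-side peer entry (the `ssh_cmd` line, the echoed `wg set` line and the `AllowedIPs = ${WG_NETWORK}` config line) gives every joining node the same range, which WireGuard's cryptokey routing cannot represent: a prefix on one interface belongs to exactly one peer, so adding the next node with the same range takes it away from the previous one. It also lets this peer send packets with any source address in the range, and the preshared key does not bind a peer to an address, so it does not replace the /32 restriction. I would keep `allowed-ips ${my_ip}/32` in the commands for the cluster node and, if traffic between nodes is meant to be relayed through 10.10.0.1, put `${WG_NETWORK}` only in the joining node's own `[Peer]` entry for the cluster node; that entry is presumably written before this hunk, which is not visible here. The enclosing block starts outside the hunk.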