Tinc is incredible, it has worked flawlessly for me for 6+ years with exactly 0 maintenance.
As trustworthy as it is, I am sadly on the hunt to replace it. Compared to wireguard, the throughput ain't great, and it takes way too much CPU on my low power nodes. I would pay good money for "tinc, but with wireguard transport" -- there's of course projects purporting to do this but I haven't found one I trust yet.
There's another dead comment saying the same thing, but take a look at Nebula. I set it up over a year ago and haven't really thought about it much since - it just works. The open source version doesn't have any fancy GUIs or anything but it's not very hard to deploy. Covers every OS that you'd probably care about too.