How-to configure the Wireguard setup, that when a laptop is out of the local network it can access the environment but when the laptop is locally it will not use the wireguard tunnel?
It looks like the current setup only allows you to have all the data go through the tunnel (even if you're on the local network) or only provide allowed IPs and the the local of the other traffic will not go through the tunnel.
Is there some auto enable disable of the client that can detect is it's on a local network or not?
Afaik WG has no such option to override VPN for direct reachable networks like OVPN provides.
I guess the only way is to disable/ enable the tunnel manually.
That would be a client side thing.
For example, the WG app for iOS has an "on-demand activation" setting that automatically starts the VPN if the device is on cellular and/or wifi, with the ability with wifi to specify only specific SSIDs to trigger it or exclude specific SSIDs from triggering it.
For Android I am using "automate" to toggle WG on/off when connected/disconnected from home WLAN.
Depending on your OS this may be possible for you too. Maybe a script will work to change the routing table, excluding the LANs subnet from being routed through WG when connected to the home LAN.