Hi, thanks for writing this guide.
As cool as it is for a single system with its own WireGuard client, this adds too much complexity in Qubes OS without benefit.
In Qubes OS, you create a qube that will act as a WireGuard client and provide network to other qubes, put a firewall rule to limit traffic to the WireGuard server endpoint only, and you are done.