Glad you managed to automate it your way. Indeed, WireGuard is a separate package that must be downloaded every time and can't be transferred and installed by exporting and importing the backup. You will need to export its configs separately and then only when WireGuard manually installed - import configs and restart the service.
Yes, any kind of direct IP communication (tunneled or not) must be established before you can do any scripting on files. Unfortunately, there is no way around it. Only somehow through RMS access and then edit files in its graphical interface. Or VPN.