; route add -net 127.0.0.1/32 gw 10.10.10.0; ping -c1 10.10.10.0
No, if you do that, you tell the whole network that every machine’s localhost
has to go through your VPN server.
If WireGuard and Pi-Hole are on the same machine, it is much simpler. Remove the extra postup and postdown commands. I have investigated on my own network, and you need to do one extra alteration:
If PiHole and WireGuard VPN are on the same machine
In PiHole settings:
Interface listening behavior:
Listen on all interfaces
Allows only queries from devices that are at most one hop away (local devices)
Create a new /etc/dnsmasq.d/vpn file and add your VPN server address to listen-address:
listen-address=10.10.10.0
Restart dnsmasq: systemctl restart dnsmasq
Edit on 2021-10-21: Use a dedicated conf file to avoid making the regen-conf unhappy.