Replication task over Wireguard VPN

[ponas]

I have a backup server for my Truenas(12.0) box and would like to be able to push replication snapshots to it over the internet in a safe way. I have dabbled a bit with Wireguard and set up a VPN on the same network as my main server.
I am however at a loss (due to extreme noobness) as to how I can set up the replication task to complete over the VPN.
Here's what I have done so far:
- Set up a VPN on main network and tested it. It seems to work and I can access my network from the outside
-Set up a replication task with an SSH keypair between the two servers. The replication task runs smoothly and snapshots are send to the backup server on the local network
Here's where I get confused:
- I should install the Wireguard client on the backup server but my understanding is that I should do that in a jail and not on the main Truenas base install. However if I install the client in a jail how does the replication task "know" it should go through the VPN ? (sorry i know my question is very basic but I am a bit lost as to how network and redirections etc. work in a Truenas+jail environment)

Bonus question:
- Following the recent snafu with the in-kernel implementation of Wireguard for FreeBSD, is it considered safe to use Wireguard today in a Truenas environment ?

TL;DR: How do I create a replication task that syncs snapshots to my remote backup server over a wireguard VPN ?

 

[technopop]

Routing of the non default kind..

Local truenas has an IP 192.168.1.10 on a /24 network.
Local jail with wireguard is on the same LAN with IP 192.168.1.11

Local TrueNAS : route add 192.168.2.0/24 gateway 192.168.1.11 (adjust to however the command should look)

Remote truenas has an IP 192.168.2.10 on a /24 network.
Remote jail that has wireguard is on the same LAN and has an IP of 192.168.2.11

Remote TrueNAS: route add 192.168.1.0/24 gateway 192.168.2.11