Jay Taylor's notes

r/WireGuard - Wireguard noobie help

Original source (www.reddit.com)
Tags: iptables nat vpn routing wireguard www.reddit.com
Clipped on: 2019-04-12

Wireguard noobie help

level 1
2 points · 3 months ago

Looks like I may have solved it, without the double NAT or the static route. The key issue was the iptables (which I still don't completely understand). I'll map it out, in case anyone else stumbles on this thread with the same problem.

Basically, if I understand correctly, my iptables were supposed to be doing the work of the NATing that you're mentioning above. Copying and pasting my original iptables rules (bold emphasis added):

    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

I pulled these from a number of tutorials for wireguard and they were supposed to work "out of the box." However, in my case they didn't because my VM installation of Ubuntu on my Synology NAS doesn't assign the main interface as "eth0" ... it uses "ens3" (as I finally realized when I ifconfig'd it). I don't have enough experience with VMs to know whether this is Synology-specific or not. Anyway, I changed my wireguard server iptables to swap in "ens3" and with my original port forwarding and firewall rules in place, everything seems to be working. Both using an LTE hotspot for my laptop and with my phone not connected to Wi-Fi, I am getting my router's public IP address. Wireguard server can see both my phone and my laptop wireguard connections. I can access everything as if I was on my LAN. I can also use my LAN pihole as a DNS server, which is great.


Thanks again for all your help. I did manage to learn a lot more about networking, which is a plus. And my wife is thrilled that this project is over, so that at least for now, I'll no longer be pissed off and hunched over my laptop for days on end ;)
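An added example, not from the post or any WireGuard project: rather than hardcoding "eth0" in the MASQUERADE rule, read the egress interface from the default route, confirm it exists, and generate the PostUp/PostDown lines from it. The route line and the interface name ens3 used at the bottom are constructed to mirror the poster's VM.

```shell
#!/bin/sh
# Print the interface named after "dev" in a default-route line.
# With no argument it queries the live routing table; an explicit
# argument (e.g. a constructed line) makes it testable offline.
egress_iface() {
    route_line="${1:-$(ip -4 route show default 2>/dev/null | head -n 1)}"
    set -- $route_line            # intentional word splitting into tokens
    while [ "$#" -gt 1 ]; do
        if [ "$1" = "dev" ]; then
            printf '%s\n' "$2"
            return 0
        fi
        shift
    done
    return 1                      # no "dev" token: no usable default route
}

# Return 0 only if the interface really exists on this host.
iface_exists() {
    ip link show dev "$1" >/dev/null 2>&1
}

# Emit the FORWARD/MASQUERADE lines for the given egress interface.
# "%i" is kept literally: wg-quick expands it to the WireGuard interface.
wg_nat_rules() {
    out_if="$1"
    for verb in A D; do
        case "$verb" in
            A) hook=PostUp ;;
            D) hook=PostDown ;;
        esac
        printf '%s\n' "$hook = iptables -$verb FORWARD -i %i -j ACCEPT; iptables -$verb FORWARD -o %i -j ACCEPT; iptables -t nat -$verb POSTROUTING -o $out_if -j MASQUERADE"
    done
}

# Demonstration on a constructed route line (what the poster's VM reported).
# On a real host call egress_iface with no argument and gate on iface_exists.
if iface=$(egress_iface "default via 192.168.1.1 dev ens3 proto dhcp src 192.168.1.50"); then
    wg_nat_rules "$iface"
fi
```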