I use nextdns as I can use that when mobile but if you want a local solution adguard home has DOH/DOT built in and a nicer interface than pihole IMHO
sarkyscouser
You will be behind CGNAT and a VPN will work yes but you will need to run a VPN client on each of your remote devices.
Adguard Home or pihole for starters.
Or run unbound and go straight to authoritative DNS servers.
If you want stability then you should go with Debian
I'm assuming the benefit over say Caddy + Authelia is that you don't need to open any local ports such as 80 and 443?
Once you've chosen a VPN take a look at gluetun as a dockerised VPN gateway
I use Caddy and agree with your last point in the context of Crowdsec
Quite a number of smart home devices may not even support 5GHz wifi, I would check first.
5GHz/40MHz wifi should be good for ~300Mbps in the same room but will rapidly go down with distance and obstructions.
Increase your channel width to 80 MHz. Yours is set to 40 or lower.
Increasing channel width will increase bandwidth but reduce range and increase interference.
If you only have a basic router channel width settings may not be available though.
If the device you're using is 1x1 mimo then 300 Mbps is what you can expect. A 2x2 mimo device will double that or perhaps a bit more.
Been with PIA for years, tried Nord once but the speeds were awful so got my money back
Yes, I expose Home Assistant this way