I was surprised when you said that you were seeing such low amounts of free RAM. But clearly you have found that it is not WG that is responsible for the RAM usage. And yes, samba4 is much larger than 3.x, so this makes sense.
Not a problem.
Also not a problem. You'll simply allow forwarding from the VPN to the WAN.
Yes, but there is some nuance here. In most cases, you will indeed be able to connect to the systems as if you were local, but this needs to be done by hostname or IP address. MDNS and other 'autodiscovery'/'zero config' networking technologies do not work across subnets (generally speaking), so things like AirPrint or chromecast or Sonos controllers will not work -- these protocols are designed to only work on the local subnet. There are ways around this, but it may significantly increase the overhead/bandwidth of the VPN connection, and may not work universally. The other thing to know is that certain systems -- Windows in particular -- will have their firewalls set to only accept connections from the local subnet. That means that you may need to make adjustments to the firewalls on those devices to ensure that they will allow the connections from the remote VPN peers.
As far as the IP addressing of the VPN 'clients' is concerned - this is done as part of the configuration -- each peer will have an IP address that is known and consistent, but there isn't an automatic addressing method like DHCP.
I haven't done this (yet) myself, but I am 99% positive that it will work properly. I now that this can be done.
This is one of the great things about WG -- it is not chatty and is very efficient. This means low data usage when there isn't any active data transmissions, and low overhead when you are moving data between the sites. And yes, because your 4G site will be a 'client', it will be able to connect back to the system on the wired ISP without any issues.
Yup, this works without any issues. This is how I use mine.
You'll use VPN Policy Based Routing to achieve this. Absolutely not an issue.
The downstream devices don't need to have any knowledge of the VPN... it just works. The router will setup what amounts to a transparent tunnel.
VPN PBR will handle this.
You can actually generally treat these as one and the same. And WG is good for this application.
DD-WRT has this (to a degree) as well. But Tomato and DD-WRT are not flexible systems... if your configuration doesn't fit neatly into the box, it won't work. OpenWrt is far more flexible.
To a degree, this is about documentation more than development. Use any analogy you like here -- cars, computers, home theater setups, etc. -- there is a tradeoff here... typically systems that are optimized for ease of use have less flexibility and really work with a prescribed set of features/functions, where as the most flexible systems often cannot be as well optimized for ease of use because they allow the user to do all sorts of things that may not have been prescribed by the designers. No, you're not the only one who has trouble with setting this stuff up, but the forums exist to help. In time, you may learn enough (if you want to) to be like "yeah, I know how to do all of this stuff and I can even help others with different needs."