Can't wrap my head around Double VPN

Hello Dear Friends,

I am having the most difficult task so far in my journey with OpenWRT.
I am not sure how to approach this problem and what is the best solution:

I have OpenWRT running my whole network. It is a pretty advanced set up with VLAN's, firewall rules, etc. that I have polished over the years. It has some issues, but that is for another time.

Today I need your help with this:
I have a VPN server running at home and OpenWRT port forward the outside traffic to it. I have Dynamic DNS set up and it has been working great. I have a few services running at home, so it is great to always be on my own VPN.

Now I would like to put my whole network behind VPN. Preferably it would be per-VLAN based, that way I can retain some VLAN's with true IP address.

How do I do this?

Outside of Home -> VPN in to OpenWRT and VPN server and have access to all home servers -> VPN to my trusted provider.

Thanks so much,

Anyone has any ideas?

I recommend to run both OpenVPN-client, and server on OpenWRT router.

@ulmwind thats not a bad idea, however I prefer to run my VPN server on a dedicated server, on its own VLAN, and grant access to other devices on a per need basis.

OK, is it tun, or tap?