Improving Network Performance & Security (Vlans, Mesh etc)

Both mine and directnupe's guides were written up from old threads in an effort to make AGH more user friendly for the install. The primary difference between mine and his is that I do pre-setup and then use the AGH install script, and he does it all manually (which is also what you did).
This is fine if you know what you are doing and understand your router's CPU and thus know what version to install. AGH's install script does all that for you and thus makes it much easier for beginners to just do a push-button install.

The scripts from my thread would have done most of that for you. I just do some pre-setup things, then call AGH's install script from their page to do the install.

Which version have you installed? The stable branch (107) or the more updated edge branch (108)?

All this is done as my pre-setup in my script.

Again, this is done in the DNS script that I made optional for some people. I split my DNS script from the install script to give people the option to keep their ISP DNS, or even to edit the script and use a different DNS.

However, one important thing to note here. What you have done is disable your upstream DNS for the router but have NOT given it an alternate DNS. Right now your router has no external DNS. (Ah, I see you have pointed it internally at AGH. But that will mean when your router boots you will not get NTP updates until AGH loads. If you have done this then you will require an exception for NTP updates to pass them as plain DNS, because without a proper date/time being set, encrypted DNS will fail due to SSL errors.) The fix is here: https://openwrt.org/docs/guide-user/services/dns/adguard-home#bypassing_encrypted_dns_for_ntp

That's DNS hijacking to make all your internal clients use AGH and prevent them using hardcoded external DNS.

You don't need this rule. Just enable the Reverse DNS (PTR) lookup internally in AGH and it will call dnsmasq to do internal DNS name lookups.

That I've answered a few times in my thread. I guess I really should update the picture in my thread to make it clearer.

Both 192.168.1.1 and 127.0.0.1 will work as they both refer to your router. The difference is one refers to the router's IP and the other is the internal loopback address. The reason I use 127.0.0.1 is for statistics tracking: I can see how many lookups the router does because it will show that as a separate number.

The encryption option is for SSL to AGH home. In order to keep things simple I just had AGH as HTTP on port 8080 because LuCI takes 80 and SSL 443. If you want an SSL connection to AGH you will need to proxy it as per here: https://github.com/AdguardTeam/AdGuardHome/wiki/FAQ#reverseproxy

Also discussed here.

In summary, fix your upstream DNS for your router. Either use my WAN DNS script to set your upstream to Cloudflare or whoever you want, or manually configure it via LuCI. That way you can get NTP updates and opkg updates for your router directly. Your router itself does not require filtering via AGH. Only your downstream clients do, and they are being passed AGH as primary DNS.

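The boot-order problem described in the post (router points at AGH, AGH cannot resolve over encrypted DNS until the clock is right, the clock cannot be set until NTP resolves) has two parts to its fix: give the router its own plain upstream, and let NTP names bypass encrypted DNS. The script below is an added example written for this thread, not the poster's script and not from the OpenWrt wiki or the AdGuard Home project. It assumes a WAN interface named `wan` in `/etc/config/network`, a plain UDP resolver at 1.1.1.1 (hypothetical choice; any plain resolver works), OpenWrt's default NTP pool names, and AdGuard Home's per-domain upstream syntax `[/domain/]server`, which matches the domain and its subdomains. It only prints the `uci` commands unless `uci` is actually present, so it can be reviewed on any machine first.

```shell
#!/bin/sh
# Added example for the OpenWrt + AdGuard Home boot-order issue (not the
# thread author's script). Assumptions: WAN interface "wan", plain resolver
# 1.1.1.1, OpenWrt default NTP pools, AGH "[/domain/]server" upstream syntax.

PLAIN_DNS="${PLAIN_DNS:-1.1.1.1}"   # hypothetical plain (UDP/53) resolver

# AGH per-domain upstream lines: NTP pool names resolve over plain DNS so the
# router can set its clock before any DoH/DoT upstream is usable. Paste the
# output into AGH's "Upstream DNS servers" box (one entry per line).
agh_ntp_upstreams() {
    resolver="${1:-$PLAIN_DNS}"
    for pool in pool.ntp.org openwrt.pool.ntp.org; do
        printf '[/%s/]%s\n' "$pool" "$resolver"
    done
}

# uci commands that stop the router taking DNS from the ISP (peerdns) and give
# it an explicit plain upstream of its own. LAN clients are unaffected: they
# still get AGH via DHCP, so only the router itself bypasses filtering.
router_upstream_uci() {
    resolver="${1:-$PLAIN_DNS}"
    cat <<EOF
set network.wan.peerdns='0'
delete network.wan.dns
add_list network.wan.dns='$resolver'
commit network
EOF
}

# Apply the uci batch only where uci exists (i.e. on the router). Elsewhere the
# commands are just printed for review. Returns 0 on success or dry-run.
apply_router_upstream() {
    if command -v uci >/dev/null 2>&1; then
        router_upstream_uci "$1" | uci batch && /etc/init.d/network reload
    else
        echo "# dry run (uci not found); would apply:"
        router_upstream_uci "$1"
    fi
}

# Quick sanity check a practitioner can run on the router: the clock must be
# later than the firmware build time or encrypted upstreams will fail TLS
# validation. Returns 0 when the clock looks sane.
clock_is_sane() {
    now="$(date +%s)"
    # 1 Jan 2020 00:00:00 UTC; any real boot after NTP sync is past this.
    [ "$now" -gt 1577836800 ]
}

if [ "${1:-}" = "run" ]; then
    echo "# AGH upstream entries for NTP bypass:"
    agh_ntp_upstreams
    apply_router_upstream
    clock_is_sane && echo "clock ok" || echo "clock NOT set: NTP still blocked?"
fi
```

Order matters when applying this: set the router's plain upstream first, reboot or reload, confirm `clock_is_sane` and that `opkg update` works, and only then turn the AGH upstreams over to DoH/DoT with the NTP bypass lines in place.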