New User wondering where to start for ideal set up

Hello, I'm a new user to OpenWrt, I dabbled in DD-WRT for a while but decided I wanted to make the switch to OpenWrt. I was wondering if someone could help point me in the right direction on how to get what I want achieved with my home network.
I live in a duplex with one router (A Netgear Nighthawk XR500 with OpenWrt already flashed) for everyone that lives there, so about 6 people. I'm a privacy conscious person and want to create a few different VLANS or SSIDs (not sure what the proper term would be) to separate the networks as follows:

VLAN1: The main network, this network allows devices on the LAN to talk to each other, such as local FTP servers. There will also be an NGINX server on this network that needs to be port forwarded on WAN, so obviously it should also have access to WAN

VLAN2: The VPN network, this network will connect to a wireguard server I am paying for, I'd still like for devices to be able to talk to eachother on this network (and to the devices on VLAN1 if possible).

VLAN3: The "Guest" network, this is the network I'd like to use for people in the house who do not use FOSS operating systems. I do not want the devices on this lan to be able to talk to eachother. So isolated I guess would be the term? It should still be able to access WAN however, and ideally be able to access the NGINX server from VLAN1 as well.

VLAN4: The VPN Guest network, basically VLAN3 but routed through a wireguard server

VLAN5: The IoT network, I want this to be able to access the NGINX server but not WAN. I have a few IP Cams and smart home devices I'd like to use without them being able to connect to the greater internet to reduce the chance of them being used in a botnet or for spying.

I would also ideally like to have one or two of the ports from the ethernet be connected to VLAN3 as a few of them have Windows devices connected directly to ethernet and having that be able to talk to devices in VLAN1, 2 or 5 would defeat the purpose of this entire project for me.

Any help figuring out how to go about setting this up would be fantastic. I'm not against reading documentation but I know if I just read all the OpenWrt documentation without a starting point I am going to get lost and confused real fast (because I already have gotten lost and confused.) Basically, if it's easier for you to throw documentation at me instead of giving a detailed explanation, let me know where in the documentation to look and how it's relevant because I'm a bit of a slow learner. Thanks in advance :slight_smile:

Start here for minimal network instrumentation with dhcp
https://openwrt.org/docs/guide-user/network/wifi/guestwifi/start

You can play out setup with x86 openwrt in a virtual machine.

Also you need to understand that a VLAN is not an SSID. You can (in fact, probably will by default) assign an SSID ( a wifi specific thing) to a specific VLAN (similar to how you can assign a single VLAN to a physical ethernet port.)