This is very much a matter of perspective and requirements.
Such a guide will not be useful for most users. Not every user wants what you do (in fact, most probably have different combinations of needs/wants/requirements).
It depends on many factors.
VPNs have their use, but many people think that they provide ultimate privacy. They don’t. They simply shift the privacy considerations to the vpn providers. Which ones, if any, that can be truly trusted is a hotly debated topic and is out of scope on these forums.
Openwrt can already do this. How do you expect this to improve your privacy or protection?
Two entirely different things.
Don’t disable ssh. If anything, this will cause you more trouble than it is with and it will not improve your security posture. Disabling ssh passwords (in favor of certificates) is a way to improve things.
Ipv6 is not going to improve your security either, assuming your firewall is properly configured (default state is good). It comes down to the question of if you need ipv6 or not.
These have nothing to do with security or privacy.
Minimal gains to be had here. It can be done, but just don’t give users who don’t need to administer the router any access. If you are sharing files or other services, you can set up non privileged users.