FWIW, I'm quite happy with my RPI-on-a-stick in our summer house:
No need to mess with USB ethernet as long as you're happy sharing the single gig between WAN and LAN.
The switch is a ZyXEL GS1900-10HP running OpenWrt. It is powering the RPI4, which has an PoE hat, and a couple of Unifi 6 Lite access points (wanted LRs, but couldn't get hold of them). The Internet VLAN on the fibre port is trunked to the RPi4 as WAN, and so are the two LAN/WiFi networks from the U6s. Works for me.
FWIW, the RPI4 is not running OpenWrt. It is running Debian bullseye (the real one). Not becasue it could't run OpenWrt, but simply because I am more used to configuring Debian servers. And it is much more server than router, really.