I personally run an OPNSense firewall on a Protectli Vault firewall appliance, they’re pretty small units but powerful enough for what you’re looking for and more I imagine. It sounds like you’ll need an 8 port switch in your cabinet to feed networking into all your rooms then perhaps another 8 port in your office to run your home lab depending what else you’re looking to connect. Make sure you buy managed switches if you’re hoping to do vlans.
I’m also running Unifi APs and manage it via the Unifi Controller Docker container, if you’re buying 8 port switches the PoE variants are pretty affordable to remove the need for PoE injectors, just check the switch PoE budget to ensure you can power all the APs you’re planning and I would suggest buying something name brand and metal cases for performance and longevity.
I personally run an OPNSense firewall on a Protectli Vault firewall appliance, they’re pretty small units but powerful enough for what you’re looking for and more I imagine. It sounds like you’ll need an 8 port switch in your cabinet to feed networking into all your rooms then perhaps another 8 port in your office to run your home lab depending what else you’re looking to connect. Make sure you buy managed switches if you’re hoping to do vlans.
I’m also running Unifi APs and manage it via the Unifi Controller Docker container, if you’re buying 8 port switches the PoE variants are pretty affordable to remove the need for PoE injectors, just check the switch PoE budget to ensure you can power all the APs you’re planning and I would suggest buying something name brand and metal cases for performance and longevity.
Hope that helps