Soldered RAM has better performance and reliability while consuming less power than socketed RAM and users of budget machines rarely want to upgrade. If you find one with socketed RAM at that price, colour me impressed!
Cockpit
I do know about and use Cockpit with said virtual machine manager but I mostly use it as a shutdown/boot/restart app in my phone and a convenient service monitor and log viewer when troubleshooting.
Wireguard/OpenVPN
I really should try out Wireguard sometime but currently OpenVPN is fast enough for my bandwidth and I was already proficient with setting it up before Wireguard.
The WebUI definitely looks useful.
My Debian Hypervisor do have a DE (GNOME) to be able to easily access virtual machines with virt-manager if I mess up their networking, my Debian VMs run CLI only though.
Regarding your last section I agree strongly - I only expose my vpn with no other incoming ports open. You also don't need to invest in a domain if you do it this way.
I don't mind helping my friends install their openvpn client and certificate and it's nice to not have my services bombarded with failed connection attempts.
I definitely agree on starting to tinker right away and to setup snapshot/backup for your stuff and then break it. It also makes one learn how to roll back and restore which is as important as setting up the snapshot/backup in the first place.
Some networking basics (Firewall, VPN, NAT, DHCP, ARP, VLAN) makes every selfhosters life easier.
1b. Your ISP router probably sucks, but you might be able to experiment with some static DHCP at least. I'm a fan of the BSD based routers opnsense/pfsense but depending on what router you have you might also be able to run OpenWrt on your existing router.
Some management system and filesharing basics (NFS, SMB, SSH, SCP and SFTP).
Learning how to set up a backup for your stuff. The hypervisor you choose may or may not have a built in solution.
Being able to selfhost game servers and allow only friends to join is sweet, I wish more games still allowed LAN connections to a selfhosted server without going through online services.
Yeah getting stuck behind CGNAT IPv4 and no IPv6 would break setting up your own vpn server. That would cause me too look for another internet provider.
I only got 100mbps at home so I'm still running openvpn as I don't gain anything worthwhile from wireguard.
Any router that supports latest openwrt will be able to do a mesh network, if you have the option to run cable I would recommend ethernet backhaul instead.
edit 2 adding the openwrt warning here: It is unfortunate that some manufacturers have used the word “Mesh” for marketing purposes to describe their non-standard, closed source, proprietary “roaming” functionality and this causes great confusion to many people when they enter the world of international standards and open source firmware for their network infrastructure.
The accepted standard for mesh networks is ieee802.11s.
The accepted standard for fast roaming of user devices is ieee802.11r.
The Fedora and Debian thread solution should definitely work with Pipewire, as both those distros comes with pipewire default and no changes are discussed.
make it executable with chmod +x necessary-verbs.sh
Create a systemd service in /etc/systemd/system that runs the script at startup: [Unit] Description=Run internal speaker fix script at startup After=getty.target [Service] User=root Group=root Type=oneshot ExecStart=/usr/local/sbin/necessary-verbs.sh RemainAfterExit=yes [Install] WantedBy=default.target
If you start missing the classic taskbar and startmenu it is easily available in GNOME too:
Startmenu: ArcMenu
Taskbar: Dash to Panel
App Indicator: AppIndicator and KStatusNotifierItem Support