Something that hasn’t been mentioned yet is that OpenWrt works on cheap devices (check compatibility first), including all-in-one router/AP combos. For home use, the most likely used feature will be CAKE QoS, which will make a difference even without crazy speeds. Though anything that gives security updates is an upgrade from generic consumer routers.
For 2 gig internet you will likely need something more powerful, especially if you plan on doing much with your router (like using CAKE QoS). The other challenge is finding a network card that works with 2.5 Gb Ethernet. It is relatively easy to find a network card that works at 1G or 10G, but the 2.5G Ethernet cards tend to have issues (I have not personally had issues, but forums are full of people having issues with the Intel NIC cards, even though Intel networking cards tend to be recommended generally).
What I ended up getting (don’t have 2.5G internet speeds, just wanted to mess around with it) was an N100 mini PC from AliExpress. ServeTheHome has pretty good recommendations for hardware, and I followed their advice. They also had recommendations for switches that support 2.5G.
As a note, upgrading OpenWrt on an x86 system such as an N100 mini PC can be annoying (but doable), especially when upgrading between major versions.
Also, I highly recommend posting questions on the OpenWrt forums, as the users there are super helpful, including to users asking questions about what hardware setups are good. It may be a good idea just to get some more perspectives/opinions. Link: https://forum.openwrt.org/
I think you'll be plenty happy with a router/wifi combo. I'm a HUGE fan of having a separate router and WiFi APs, but that's only because 1) I can afford it, and 2) I'm a nerd and like a bit of a challenge sometimes, and 3) I live in a house and it's beneficial to have multiple access points.
If you want something that will "just work", there are tons of "consumer grade" stuff out there. They aren't necessarily consumer grade because they are bad quality, but it's more the software that is designed to be relatively easy to set up, offering limited options for customized stuff. You'll still be able to do everything you probably want to do, like port forwarding, changing DNS, etc. This includes stuff like Eero, TP-Link, etc.
Then you have stuff like MikroTik, which is very affordable but also complex and capable. The hAP series from them are router/wifi combos. They offer a default configuration that will "just work", but from there you can make all sorts of complex configuration changes to your heart's content. Check out The Network Berg on YouTube. One thing to note, people are generally happy with the WiFi from 'Tik devices, but they are not known for having the best WiFi. It'll be stable and work well, but you might not see speeds on par with other brands.
Then you have what you mentioned - OPNsense with other hardware for WiFi. For me, the downsides to this are:
Running dedicated hardware just for this is a waste of electricity.
Whatever you plan on running it on likely only has 1 ethernet port, so now you're spending money on a networking card. There may be a way to run it using a single eth port, in which case you can ignore this I guess.
If you already have a computer on 24/7 for other stuff, you just have reliability to think about. If you have a hardware failure, for me it's faster to replace a router than an entire computer. The likelihood of needing to replace either one is slim, but it's something I consider. Picture this - you update your computer and need to reboot it. It fails to boot after the update and gives you some error messages, but you can't look them up because your router is down.... That sort of thing.
Now back to the pros and cons of having separate router and WiFi AP.
Pros:
Can upgrade either one individually
Can run multiple APs to extend WiFi coverage
Can choose brands based on their reputation. For example (don't take my word on this) MikroTik for router, UniFi for WiFi.
Scratches the nerd itch.
Cons:
If you use different vendors, you'll have different configuration options to deal with. OPNsense can't configure a TP-Link AP, for example.
Adds some complexity. Now you're dealing with more ethernet cable, PoE injectors, and mounting of the AP.
Note that even if you start with an integrated wifi/router you can always buy a stand-alone replacement for one function and continue to use the original unit for the other. For instance, I use my ISP-supplied wifi router as a router and turn off its wifi, then use mesh wifi for whole house coverage.
It takes a lot of time to do anything the first time
You're always going to be tweaking something
Things are going to break at random times when it's inconvenient
No matter what you do, have an extra cheap OpenWrt router you can throw in when something breaks.
I for one like UniFi, I would recommend their dedicated router product rather than an all-in-one device. You can always run their management software in a Docker container when you need it.
Well said. I run a MikroTik router for my main network and use UniFi APs throughout my house. Took a lot of tinkering to set up and I learned a lot. Very flexible but more expensive and much harder to learn than a simple all-in-one setup.
Both options will work fine, it's a matter of want not need. Personally I liked having a separate AP in my 1 bedroom apartment, because I could hang it on the ceiling at the center of the apartment and make sure I had good coverage vs a combo router at one corner of the apartment that barely reaches the other end properly because the ISP comes in there. Separate AP means you can put the AP anywhere which might not be anywhere close to where the ISP comes in or where you have the router for your wired devices.
So ISP comes in in the living room, goes into my router which serves my desktop, TV and consoles wired directly there and one longer ethernet run to the middle of the hallway so I get good WiFi coverage up to the kitchen and patio.