Openwrt can run Adguard, and as long as your gateway can run docker, you can probably get pihole working.
Openwrt can run Adguard, and as long as your gateway can run docker, you can probably get pihole working.
For openwrt+wireguard, see: https://cameroncros.github.io/wifi-condom.html
Looks like tailscale should work in openwrt: https://openwrt.org/docs/guide-user/services/vpn/tailscale/start
For the wireguard server, I am using firezone, but they have pivoted to being a tailscale clone, so I am on the legacy version, which is unsupported: https://www.firezone.dev/docs/deploy/docker
Edit: fixed link
That is likely a speed test server within the same data center as your vps, or they have special traffic shaping rules for it.
Try using iperf from your local box to the VPS and see what speeds you get
I think its better to keep your gateway basic, and run extra services on a separate raspi or similar. Let your router/gateway focus on routing packets.