I really feel like this is a very wide topic and there will be no single tutorial or howto that will cover this completely.
I think your best bet is to start exploring how to create VLANs and experiment from there. Probably the best start is to take a look at the articles about creating VLANs for IOT and Guest, of which there are many.
If you have switches in between your router and the devices from, those switches must be able to handle VLANs.
Most people call them “dumb switches”, “smart switches” or “managed switches”. For VLAN you either need “smart” or “managed”. But you need to check the switch specs anyway.
If everything is connected directly to your router, you don’t need to setup VLANs, since you can directly assign network interfaces to firewall zones. TOS in its default configuration combines them all to a single brigde br-lan but it doesn’t have to be that way.
Or a mixture of both is also possible. Depends on your topology.