i would install the guest-tools right from the start after base install of the os.
create min 3 nodes, install them as you like with guest-tools and then install the first rke2-node. read the docs how to config metallb on rke2. you have to do a small config tweak in the nginx ingress controller config
then add the other nodes.
to manage rke2 i would use openlens.
you can use democtratic-csi but be aware that you completely trust truenas and this opensource-project for your data. i dont think that i would go this route when i am not expirienced with k8s.
i would use the nfs-provisioner and when everything works fine and you have a solid csi-enabled backup you can add democratic-csi in the mix.
for us, backup and restore was the biggest problem. in theory everything seebs easy with k10 or velero but if you completely shoot your cluster you will have a very hard time.
to be honest, after 6 month and some installations we gave up on k8s and migrated our customers and our internal IT to a setup where we use openSuse MicroOS VMs for every docker-compose project. We now have approximately the same amount of VMs which we had as namespace but with the benefit of complete control over resources with very little overhead. And we have the benefit of an optimal backup and restore.
K8S bite me quite a bit too often 😉