Need some help for pfsense Firewall rules

I have built it on my old billing pc having specs:
Intel Celeron ,2GB of RAM, Gigabyte MB supporting gigabit ethernet and a intel pci lan card in PCI express slot for the LAN and WAN.

I am planning to make separate four VLANS:
VLAN 10: Employees and it also include my Linux server for my Software
VLAN 20: Managing Directors and their printers
VLAN 30: CCTV Devices and NAS for storing footages
VLAN 40: Guest WIFI which only have internet access

Can you please help me in creating rules for following :
~VLAN10 can only have access to internet and devices on that VLAN, else everything blocked and also blocked access to Pfsense GUI.
~VLAN20 can have access to everything in which they can access the server on VLAN10 which i will statically configure it ,and also have the access to VLAN30 for viewing cctv footages locally.
~VLAN30 can have access only to the internet and can see the local devices on that vlans and else everything blocked.
~VLAN40 can have access only to the internet else everything blocked including all vlans and blocked access to the Pfsense GUI.

**One more thing to know **
I have tested this build keeping my employee devices and server for a day running on it and it worked fine having a CPU usage of around 6-20% .

Currently am running it on a HDD and whenever I will implement it, I am thinking to put an 120GB of SSD so is there any Special recommendation to remove any file while installation or change any setting after the installation to save my ssd for completing its TBW not very early

Seems fairly straight forward unless I am missing something.
Make an alias with your local subnets in called, for example, “local networks”

vlan 10, 30 & 40
block * for everything but destination: single host or alas - local networks
allow * for everything except maybe source (could set to vlan10 network)

vlan 20 -
allow * for everything except maybe source (could set to vlan20 network)

regarding TBW, maybe send the logs out to a syslog server but I don’t think it will be a problem.

if possible can you share an example alias image coz am totally new to pfsense and networking and having less experience

Give this a go. Obviously you need to replace the IP and subnet given with the actual values in use.

Firewall -> Aliases -> IP -> Add
name: “Local Networks”
Description: “Subnets used in local networks”
Type: Network(s)
Network or FQDN: 192.168.10.1/24
Description: vlan 10 for servers and staff

-> Add network
Network or FQDN: 192.168.20.1/24
Description: vlan 20 for Directors

repeat for all subnets

-> Save

One more favor please!!
Which switch be ok for my requirements

This is advanced one and Fully L2 Manageable :

This one is Semi L2 manageable :

Which one will be best for me ?
Note: I do not need PoE