I know businesses that have these setups and outside tech support to maintain them. I've also seen them have all kinds of issues when routers are replaced or they change ISPs. That's why I was saying a company could sell a box preloaded with Tailscale and a custom installer that walks a non-technical person through it. The default setup for a tailnet is pretty safe. Yeah you could have your own signaling servers or whatever, but TS usually manages to punch right through most NAT issues. They don't need a reverse proxy to login to their private webserver, although I guess you could provide that as an add-on service. They just need TS on their phone.

[edit] To my mind, the biggest hurdle wouldn't be networking to allow this box to host its own app that was accessible to the user from elsewhere. The hurdles would be things like lack of "smart" reporting / facial recognition, backup power, backup connectivity, etc..But in theory, a repurposed smartphone as the platform could solve the backup power and connection issues.