Looking for general advice on how to configure a (somewhat complex) freeradius server

[R3DNano]

Greetings to all.

I'm kind of new to the radius environment and have spent quite some
time for the past weeks going through the documentation and manuals
that I could find online.
I find the wiki pretty complete and the config files are quite well
documented as well. Kudos to the authors.

However, I'm a bit stuck trying to design a somewhat complex structure
inside my server, which has multiple clients (i.e.: wifi controllers,
VPN, etc) and multiple authentication sources (LDAP, different MySQL
databases...) - and don't forget eduroam -

I'm having a hard time trying to decide where to do the decision
making tasks mostly because of fear of configuring it in an improper
way.
My problem is that I don't know if the best practice to tackle the
issue would be to start by setting the clients up and let them all go
through the default server and there, do the decision making with
unlang to authenticate them against the corresponding auth source
depending on ssid, realm etc... or send them to do eduroam proxying
from here, even.

I could really use your expertise in this. I'm not looking for someone
to spoon feed me, just to point me in the right way.
Sometimes, seeing some configuration examples for concrete cases could
help, but I can't really seem to find any of these (logically, people
don't go around sharing their freeradius config).

Thanks.