As @craigevil already said most of what is mentioned in that guide seems like waste of time. fail2ban I only run on systems running 247 so usually no not on desktops. As for changing the default ssh port, I only give access to my ssh port for specific ip addresses doing firewall whitelisting. Firejail sounds interesting and fun but seems to much like a PITA for daily use, although I have to admit I never tried it. Currently playing around with podman en containers on my homeserver and that is already a PITA because it's a different way of doing things.
All you need to do once you have it installed is changed the command in the menu or desktop file for the apps you want to firejail.
See the examples on the above page.
Next time I am bored or have some time off I will have a look at Firejaill, that way I will at least know what I'm talking about with some actual Firejail experience
For the longest time, I ran my default browser in a jail automatically. I did the same with other software that connected to the 'net, such as my IRC client. If I picked up potentially sketchy software, I'd run that in a jail as well.
I haven't bothered setting it up on all three of the devices I use most frequently. It is installed on one box that I use exclusively for testing things. I've been a bit negligent with the other two as those are recent upgrades to Lubuntu 20.04 and that meant clean installs.