Plan looks relatively solid, though why not just keep eth1 on switch0, and not faff around with routing between wifi and LAN (at least with your trusted network)?
Not that you cannot / should not do it -- but it will break any streaming you do (as multicast doesn't cross network boundaries).
Post your config too, as having the exact "this is how it's set up" is usually easier to work with / catch errors in than just a description.