Want to automate my home with a privacy focus (but I'm a bit slow and need help)
Hey folks - I've been wanting to go whole hog on automating my home. I read through this smart home automation - tips and tricks thread started by @Merry and it had a lot of useful information.
Some of the things I took away from it:
- Home Assistant is pretty great (if you don't mind tinkering)
- Getting something that will boot back up after a power failure is great
- Use smart plugs / switches vs bulbs
- Maintain its usefulness if there is an internet outage
Like I mentioned I'd really like for this to be privacy focused and mostly self-contained. Sure I'd love to be able to control stuff from my phone while I'm home and also recognize that I'm home or away.
I just am a bit smooth brained when it comes to even seeing "would something like this work with the wiring / circuitry that I have in my home already?"
If there are any good guides to follow or really specific advice / steps I could follow to begin this process I'd really appreciate it.
I think if you're privacy conscious, you're going to be giving up a lot to get the tooling and automation that smart home tech offers. Most out of the box solutions require internet access (and I strongly agree with /u/shrike and you, it must be considered how everything will work without internet) and offer an app - which guarantees leaked data to the company servers.
My personal set up has no home automation barring a Nest thermostat to replace one from 2 decades ago, and that still tries to "phone home" regularly - which is only visible to me thanks to running a pihole. The moment I step outside of my home and interact with the Nest app, I'm back to square zero on how much of my data (or metadata) is going out and where. For me, personally, a pihole is the place I'd start any amount of automation efforts due to my personal emphasis being more on the privacy than on automation.
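An added example, not part of the original comment, of how a Pi-hole log can surface a device that phones home on a schedule: it groups DNS queries by client and domain and reports how often each pair repeats and whether the blocklist caught it. It assumes the log uses the dnsmasq query-log layout; the sample lines, addresses and domain names are constructed, and `phone_home_report` is a hypothetical helper name.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample in dnsmasq query-log layout; names and addresses are made up.
SAMPLE_LOG = """\
Jan 10 12:00:00 dnsmasq[512]: query[A] telemetry.thermostat.example from 192.168.1.40
Jan 10 12:00:00 dnsmasq[512]: gravity blocked telemetry.thermostat.example is 0.0.0.0
Jan 10 12:03:10 dnsmasq[512]: query[A] news.example from 192.168.1.20
Jan 10 12:03:10 dnsmasq[512]: forwarded news.example to 1.1.1.1
Jan 10 12:05:00 dnsmasq[512]: query[A] telemetry.thermostat.example from 192.168.1.40
Jan 10 12:05:00 dnsmasq[512]: gravity blocked telemetry.thermostat.example is 0.0.0.0
Jan 10 12:10:01 dnsmasq[512]: query[AAAA] telemetry.thermostat.example from 192.168.1.40
Jan 10 12:15:00 dnsmasq[512]: query[A] telemetry.thermostat.example from 192.168.1.40
"""

QUERY = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) dnsmasq\[\d+\]: query\[\w+\] (\S+) from (\S+)$")
BLOCKED = re.compile(r"dnsmasq\[\d+\]: gravity blocked (\S+) is ")

def phone_home_report(log_text, min_queries=3, year=2024):
    """Return {(client, domain): stats} for pairs queried at least min_queries times."""
    times = defaultdict(list)
    blocked = set()
    for line in log_text.splitlines():
        m = QUERY.match(line)
        if m:
            # Syslog timestamps carry no year, so one is assumed for parsing.
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            times[(m.group(3), m.group(2))].append(ts)
            continue
        m = BLOCKED.search(line)
        if m:
            blocked.add(m.group(1))
    report = {}
    for (client, domain), stamps in times.items():
        if len(stamps) < min_queries:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        report[(client, domain)] = {
            "queries": len(stamps),
            # A steady median gap suggests a scheduled check-in rather than user activity.
            "median_gap_s": median(gaps) if gaps else None,
            "blocked": domain in blocked,
        }
    return report

if __name__ == "__main__":
    for (client, domain), stats in phone_home_report(SAMPLE_LOG).items():
        print(client, domain, stats)
```
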
Totally get that I'd be giving up a lot due to no OOTB solutions / app connectivity. I am fine taking the time to learn how to do some scripting and connecting things that way.
I imagine using more sensors and timing for lights, fans, etc; I also want to set up a little box to run Kodi off of for the main TV as well.
As far as the PiHole goes I've been wanting to do something like this as well - and upgrading my router / mesh is on the list. I hear you saying I should probably start here and expand from that.
I have my router set up with OpenWRT with a separate WiFi network for IoT devices. This way these devices only have internet connectivity. You can also make some traffic rules so devices cannot call home.
Little heads up, learning curve might be steep but for me it was definitely worth it.
A little bit of a learning curve doesn't scare me as long as there are resources to learn it.
If you have Pihole already running, it may be worth it to look into Tailscale. There is an option to designate machines in your Tailnet as the DNS server(s). It's great leaving the house knowing that my phone, laptop, and tablet DNS requests are going to my Pihole and its blocklist.
This is the second time Tailscale has come up. It seems I really should upgrade the router and get pihole running in it with Tailscale.
Some things worth looking into:
Can't offer much help on wiring. Since I live in a small apartment, I've just gone all in on Philips Hue bulbs. They're not cheap (and are doing a bit of enshittification with their new account requirement), but the hardware is great. My apartment doesn't get much natural light since it's south-facing into a courtyard so the ability to automatically adjust color temperature throughout the day has been incredibly valuable.
Thermostats you're probably not going to find anything without an app but I'd absolutely consider a good smart thermostat worth it. At my last apartment I installed an ecobee and my electric bill went from $100/mo to $50-60/mo because of its ability to use a motion/temperature probe (there was very poor ventilation where the thermostat was located) and auto-away features.
For a while I had wifi bulbs (Wyze) that required a cloud connection. IIRC one time AWS was having major issues and I realized I couldn't turn off my lights... (at least without manually turning off every fixture). A while back I replaced them with Philips Hue bulbs (which use ZigBee) and it's so much nicer. I'm not sure I'd recommend Philips Hue specifically at this point, but there are other ZigBee or Z-Wave options. Also, it's so snappy! You don't realize just how much of a delay there is when you have to send an API call out to the Internet and back until you have fully local control.
There exist Z-Wave Thermostats and a few Zigbee ones as well.
I’ve only dabbled in this space with a few smart lights but isn’t HomeKit generally the better ecosystem to buy stuff for if you have to choose, with its protocols tending to be local-first and thoroughly reverse engineered, even if you’re not in the Apple ecosystem?
Historically I’ve avoided Google Home or Alexa stuff, because they’re both much more dependent on their respective motherships and are a pain to get working with e.g. HomeAssistant.
This is my experience, although I am balls deep in the Apple ecosystem other than a few PCs I have.
HomeKit allows me, on the router, to prevent external access unless it goes through HomeKit or my VPN and it works really well with HomeAssistant. I have verified via network tools that nothing is phoning anywhere unless I’ve explicitly set it up to be able to in HomeKit. It even has 3 layers of control - full network, network only for HomeKit approved domains (Apple requires that HomeKit certified vendors provide a list of dedicated URLs for connection as part of the HomeKit certification), or no access. This means I can trust everyone, trust just the vendor, or trust no one.
That seems like it makes things less of a headache for certain; I can't remember the last time I owned an Apple device.
I've mostly committed to "this is going to take time and lots of head scratching" for myself at this point.
The only part of it that took any head-scratching was the HomeAssistant setup and even that was minimal. If you’re comfortable with Unix and Docker, even that part is easy and the head-scratching is just making decisions that you may not be certain about for the future.
I am not comfortable with Unix and Docker; really this whole project is also an opportunity for me to learn more about coding, unix, and other bits of scripting.
This is helpful for certain.
I currently have a Nest thermostat but am looking to switch to Ecobee in the future.
I'll look into Z-Wave and see what I can figure out with those systems.
I am not on the Apple ecosystem, so that won't work. How does HomeKit differ from HomeAssistant? As I thought HomeAssistant was that central home automation tool?
HomeKit's one of the smart home protocols, not worth fussing with unless you have an iPhone etc (it's what the Home app on iOS uses). It's just what I'm currently using over HomeAssistant because it works well enough and I haven't reconfigured my HomeAssistant server for my new place yet. One of its key benefits is if you have a device like an Apple TV box it'll automatically use that device as a gateway to your home's devices from the internet, but you can achieve similar results with HomeAssistant and a VPN.
Awesome, thanks for clarifying for me.
I’ve an iPhone and HomeAssistant works well as a main hub for everything, exposed to HomeKit as an interface. It’s nice in that it’s readily available on all my Apple devices and reliable. It also doesn’t require exposing my network to the internet.
Home Assistant is the way to go. It has tons of integrations, including Zigbee/Z-Wave and Apple HomeKit. Any accessory that supports HomeKit can be paired directly with Home Assistant via the HomeKit plugin. You get all the benefits of Apple's HomeKit security without being tied to just their ecosystem.
You can use those two systems to build a pretty robust, offline system.
The company behind Home Assistant also offers a remote access subscription for like $5 per month if you don't want to worry about the hassle of setting up remote access yourself.
So, I cannot speak for your existing wiring, but I'm willing to guarantee that the answer is "yes" you can do this.
Home Assistant, OpenHAB, or some other OSS project will be your core. My $0.02 is for Home Assistant, but there is choice out there if you have biases or preferences for the language that things run or are developed in.
You will want to stick with Zigbee, Z-Wave, or Thread devices where possible. None of these are internet-routed communication protocols and all have a pretty rigorous authentication process for allowing devices to join their mesh networks. Won't say that it can't be hacked, but it would be pretty challenging to. Additionally, if you're running the devices from Home Assistant, any telemetry would be opt-in.
In the places where there does not exist a Zigbee, Z-Wave, or Thread device that meets your needs or price-point, there do exist privacy conscious Tasmota or ESP-Home based WiFi options usually as well.
If you're wanting to use Home Assistant's GeoFencing, you're going to need to expose your Home Assistant instance to the Internet. While pretty easily doable, it's not for the faint of heart and my recommendation would be to just pony up and pay for their subscription, help fund the project, and get hassle-free encrypted ingress through a tunnel through their systems so that your phone can ping your system when you leave.
It's 100% doable, but for some things, you will need either some technical know-how or pay a premium for a more privacy conscious product.
I have a 100 year old house in the NYC metro area with horrible wiring and have the majority of the house automated.
Super helpful; I've got a 125 year old home that has wiring in a whole mishmash of states (some knob and tube, other bits somewhat modern).
If I'm reading this correctly Home Assistant has a subscription? I'm not finding it on their page - do you have a link to it so I can read more about it?
I'm trying to learn python better so this seems like a good excuse to continue with that.
As far as switching over sockets and switches - is it pretty straightforward as long as I know the right charges for things?
Subscription is optional and info available here.
Sockets tend to be straightforward. Switches often are not as many require a neutral wire which you may not have.
Again, super helpful, thanks so much!
Doing a privacy-preserving smart home is absolutely possible! It takes a bit more work than an "out of the box" solution, but you'll know your data will be yours, and as a side effect, you won't be left with expensive bricks if a company goes under.
The absolute heart of your setup will be Home Assistant. You'll need something to run it on - a Raspberry Pi, an old computer, a Docker container on a server somewhere, something like that. If you've got an old Pi lying around, this is a great time to use it. You can even reuse your Pihole device for it - Pihole will happily run as a Home Assistant addon. If not, pick one up with a good microSD card, or get any of the other supported hardware and go ham. I personally use a Raspberry Pi 4 (4GB RAM), and it works fine. Home Assistant doesn't need much compute power.
Once you have HA set up, you can start adding devices to your home. If you're allowed to make changes to your home's electrical setup, smart switches are an easy starting place, and a great improvement with a built-in fallback option (you can always just go flip the switch manually!) Don't go too wild to begin with - over time, you'll find ways to put everything into HA, but start small.
When you're looking for devices, if you're interested in privacy, this should be your order of preference:
Your absolute best bet will be Zigbee or Z-Wave devices. Matter/Thread is getting there, but isn't ready for prime time yet. Some notes on each of those:
And, lastly, some brand recommendations:
Thanks for all this info - it's super helpful.
I don't have an old pi lying around - so suggestions on this are great. Is there a way to set these up so if there is a power outage these will automatically restart and get going?
I think I'll probably go with Zigbee so I can utilize some of the Ikea smart lighting stuff / sensors / etc. Also getting the HomeAssistant SkyConnect seems like a reasonable way to get this set up as well.
I'm planning on getting a new router - do you have any suggestions on what to look at - this was what I was going to try and set up my pihole with, but I just need to learn more about pihole and how to set it up. As you mentioned I could use the same HomeAssistant hub for this as well.
IIRC most of the single-board computers like the Pi are set to auto start when power is applied, so they should come up automatically.
Zigbee is definitely a good place to start. Don't forget you can mix and match multiple types of smart devices! I personally use a mix of Z-Wave, Zigbee, and Wi-Fi devices.
As for routers - if you want something you can control locally and hack on if you need to, get something capable of running OpenWRT. I personally use an old Sophos XG105 running OpenWRT as my firewall/router, and two Dynalink DL-WRX36 devices as Wi-Fi access points.
Awesome!
Super helpful info; what I hear you saying is that I need to look into routers that can run OpenWRT.
Also I kinda smacked my head when you said that a mix can run, I had been reading up on Home Assistant and it makes sense being able to bring all those device types under one hood.