Want to automate my home with a privacy focus (but I'm a bit slow and need help)

I think if you're privacy conscious, you're going to be giving up a lot to get the tooling and automation that smart home tech offers. Most out of the box solutions require internet access (and I strongly agree with /u/shrike and you, it must be considered how everything will work without internet) and offer an app - which guarantees leaked data to the company servers.

My personal set up has no home automation barring a Nest thermostat to replace one from 2 decades ago, and that still tries to "phone home" regularly - which is only visible to me thanks to running a pihole. The moment I step outside of my home and interact with the Nest app, I'm back to square zero on how much of my data (or metadata) is going out and where. For me, personally, a pihole is the place I'd start any amount of automation efforts due to my personal emphasis being more on the privacy than on automation.

Some things worth looking into:

• Z-Wave devices are probably what you're looking for. They don't connect to the internet at all: they talk to a hub which may provide a bridge to the internet, but this hub could be your HomeAssistant server.
• HomeKit has one of the better implementations of basic home automation, assuming you're in the Apple ecosystem. It doesn't work directly with Z-Wave (but does with Matter, whenever things start actually adopting that standard), but you can hook HomeAssistant into it and bridge any smart device into your HomeKit environment. It runs over your local network instead of relying entirely on outside servers.
• For outside access, Tailscale may be worth looking into. It's a mesh VPN (i.e. regular internet traffic doesn't go through it, only traffic between Tailnet devices) and works pretty seamlessly. They have a free tier with a relatively generous number of devices. You can also host a VPN from your own network, but this is a nice and easy way to do it.

Can't offer much help on wiring. Since I live in a small apartment, I've just went all in on Philips Hue bulbs. They're not cheap (and are doing a bit of enshittification with their new account requirement), but the hardware is great. My apartment doesn't get much natural light since it's south-facing into a courtyard so the ability to automatically adjust color temperature throughout the day has been incredibly valuable.

Thermostats you're probably not going to find anything without an app but I'd absolutely consider a good smart thermostat worth it. At my last apartment I installed an ecobee and my electric bill went from $100/mo to $50-60/mo because of its ability to use a motion/temperature probe (there was very poor ventilation where the thermostat was located) and auto-away features.

Home Assistant is the way to go. It has tons of integrations, including Zigbee/Z-Wave and Apple HomeKit. Any accessory that supports HomeKit can be paired directly with Home Assistant via the HomeKit plugin. You get all the benefits of Apple's HomeKit security without being tied to just their ecosystem.

You can use those two systems to build a pretty robust, offline system.

The company behind Home Assistant also offers a remote access subscription for like $5 per month if you don't want to worry about the hassle of setting up remote access yourself.

So, I cannot speak for your existing wiring, but I'm willing to guarantee that the answer is "yes" you can do this.

Home Assistant, OpenHAB, or some other OSS project will be your core. My $0.02 is for Home Assistant, but there is choice out there if you have biases or preferences for the language that things run or are developed in.

You will want to stick with Zigbee, Z-Wave, or Thread devices where possible. None of these are internet-routed communication protocols and all have a pretty rigorous authentication process for allowing devices to join their mesh networks. Won't say that it can't be hacked, but it would be pretty challenging to. Additionally, if you're running the devices from Home Assistant, any telemetry would be opt-in.

In the places where there does not exist a Zigbee, Z-Wave, or Thread device that meets your needs or price-point, there do exist privacy conscious Tasmota or ESP-Home based WiFi options usually as well.

If you're wanting to use Home Assistant's GeoFencing, you're going to need to expose your Home Assistant instance to the Internet. While pretty easily doable, it's not for the feint of heart and my recommendation would be to just pony up and pay for their subscription, help fund the project, and get hassle-free encrypted ingress through a tunnel through their systems so that your phone can ping your system when you leave.

It's 100% doable, but for some things, you will need either some technical know-how or pay a premium for a more privacy conscious product.

I have a 100 year old house in the NYC metro area with horrible wiring and have the majority of the house automated.

Doing a privacy-preserving smart home is absolutely possible! It takes a bit more work than an "out of the box" solution, but you'll know your data will be yours, and as a side effect, you won't be left with expensive bricks if a company goes under.

The absolute heart of your setup will be Home Assistant. You'll need something to run it on - a Raspberry Pi, an old computer, a Docker container on a server somewhere, something like that. If you've got an old Pi lying around, this is a great time to use it. You can even reuse your Pihole device for it - Pihole will happily run as a Home Assistant addon. If not, pick one up with a good microSD card, or get any of the other supported hardware and go ham. I personally use a Raspberry Pi 4 (4GB RAM), and it works fine. Home Assistant doesn't need much compute power.

Once you have HA set up, you can start adding devices to your home. If you're allowed to make changes to your home's electrical setup, smart switches are an easy starting place, and a great improvement with a built-in fallback option (you can always just go flip the switch manually!) Don't go too wild to begin with - over time, you'll find ways to put everything into HA, but start small.

When you're looking for devices, if you're interested in privacy, this should be your order of preference:

• Devices using an open, non-WiFi, communication standard. Zigbee and Z-Wave are the big players here, although Thread is supposed to be the big up-and-coming thing. The advantage of these open standards is that you can connect devices by any manufacturer to devices by any other manufacturer, and they'll work seamlessly. More on those later.
• Wi-Fi devices that use open-source firmware, or can be flashed to the same. A significant amount of home automation gear (smart plugs, sensors, etc) uses the common ESP8266 microcontroller, and there are several open firmwares that can be flashed to those controllers, including Tasmota and ESPHome. If you look for devices that run (or can run) one of those firmwares, you'll know it can be locally controlled and isn't going to snitch on you to anywhere.
• Wi-Fi devices with closed-source firmware that provides local control. This is the minimum bar to be acceptable, and requires putting the device on a separate network or blocking the device from the Internet at the router level. Devices with Apple HomeKit support fall into this category.
• Cloud-dependent Wi-Fi devices: just say "no".

Your absolute best bet will be Zigbee or Z-Wave devices. Matter/Thread is getting there, but isn't ready for prime time yet. Some notes on each of those:

• Z-Wave stuff needs a Z-Wave modem. Aeotec and Zooz make decent ones. Get one with a 700 or 800 series chipset - there are some old models with 500-series chipsets that might not support newer features.
  • Z-Wave stuff is region locked, because it uses different frequency bands in different countries. Make sure what you get is compatible with where you live!
• Zigbee stuff needs a Zigbee coordinator. I'd recommend Sonoff's ZBDongle-E, or Home Assistant's own SkyConnect. These both run a chipset that can also do Thread, once that becomes popular.
  • Unlike Z-Wave, Zigbee stuff uses the same frequency band worldwide, so you can get cheap AliExpress Zigbee devices and know they'll work.
  • Unfortunately, that frequency band is 2.4GHz, which tends to be super crowded with Wi-Fi, and also gets interfered with by USB 3.0 devices. Get a USB extension cable and put your Zigbee modem far away from any Wi-Fi routers you might have.
  • You should also plan out which Zigbee channel you're going to use, since you can't change it after your network is formed. Channel 26 has the least overlap with Wi-Fi, but some devices don't support it. 25 will also work well, assuming you can keep Wi-Fi channel 11 relatively clear. Most devices default to 15, which gets clobbered by Wi-Fi channels 1 and 6, so it's worth changing.

And, lastly, some brand recommendations:

• Zooz makes quality Z-Wave devices at reasonable prices. Their smart switches are quite good - I use a few on my own network.
• Inovelli also makes very good smart switches, in both Z-Wave and Zigbee formats.
• Ikea's Tradfri/Dirigera line is all standards-compliant Zigbee. Skip their hub, since you won't need it, but they're the first place I check for smart light bulbs and remotes.
• Xiaomi's Aqara brand of home automation gear includes some decent-quality, dirt cheap sensors. They do buttons, leak sensors, motion sensors, door sensors, vibration sensors, and more. I've had occasional difficulty with some of their stuff, but for the price, it's hard to beat them. Available on Amazon if you need it quick, or AliExpress for cheaper if you don't mind waiting.
• For open-source-compatible Wi-Fi gear, look at Shelly and some, but not all, of Sonoff's product line. There's also this very comprehensive list of Tasmota-capable devices.