Hey! Surprisingly there seem to be no posts yet on this topic (beyond security cameras), so…
What are your views on how to approach home automation?
Should one go with Zigbee/Z-Wave?
Any solutions that go through Wi-Fi seem to be a no-go if you don’t have VLANs and separate them from your LAN and router. They all seem to be dependent on the vendor’s cloud, which is out of the question.
Also, any good recommendations for a home server? Raspberries lack processing power, x86 PCs either lack security or run IME, ARM Mac minis are way too expensive for that.
For my modest needs a Raspberry Pi running Home Assistant is enough. I use Z-Wave devices for sensors and switches. That gives me one interface on the Raspberry Pi that I need to worry about leaking information to the Internet or being hacked remotely through the Internet.
What you want and expect from home automation can vary wildly. In my case I don’t need or want voice control nor, for that matter, a control panel. I want it to detect what I am doing on its own and then act accordingly. So I have a fairly small number of automations I wrote myself that are for convenience. And I use it for my alarm system using presence detection to enable/disable.
I consider a “home server” to be a separate function from “home automation”. Again, depending on your needs that may not require a real powerful box. And “home server” could mean a simple file server or a home theater server.
If you want to stream movies from a home server to a TV you can rip them to a format your TV can use directly and then a very modest box can dish them up. You start to need a powerful box if you are transcoding on the fly. I don’t find that necessary for the DVDs and Blu-ray discs that I own; I simply store them in a format that can be directly used by the TV (or the media player attached to the TV).
And, in general, it doesn’t need to be. It will email and text me for critical things (mostly alarm-based events). For other automations that just run when the house is empty (away-from-home light sequences, etc.) I don’t need a detailed report when I am not home.
But I have my phone automatically VPN to my house whenever I am not at home. This is mostly so that I get some privacy from the mobile provider or hotel Wi-Fi when on the road, but also so I get my DNS-based ad and tracker blocking provided by my home router when I am not home. The side effects of this on-demand VPN are that my IP address is always my home and that I can access the boxes in my house, including my HA Raspberry Pi, whenever I have an Internet connection on my phone.
Basically I use measures at home to limit the information my ISP has on me (DoT to NextDNS, HTTPS for all web browsing, TLS on email, etc.) then use my home VPN server to make my portable devices always act as if they are at home.
I could, if desired, set my router to tunnel all my home traffic through a commercial VPN and this setup would still work but would mean a double VPN hop for traffic from my phone when I am out of the house. But for my threat model, simply making it more difficult for my ISP to monitor the content of my Internet access is sufficient.