Smart homes are all the rage these days. I've been tinkering with mine for a while now, and I've learned a few things that might save you some time, money and grey hairs. Thought I'd share.

Background

I should know a thing or two about smart homes, I studied a masters in ubiquitous computing back in 2005. I was also an IoT architect at Fresco (formerly known as Drop) for seven years, where I designed and implemented IoT solutions for the kitchen at all the layers of the stack.

So when I bought my house in 2019, I was excited to finally be able to build my own smart home.

The house

This house was built in 2008-2009, it had a bunch of OG smart home features (domotics) supported by arcane protocols like X10. The existing setup didn't offer any possibilities of tinkering with it via API, so it had to be replaced by something more modern.

The initial version

TLDR: Wi-Fi is not a great technology for IoT. Avoid Tuya.

My first push into the smart home world was with Tuya's Wi-Fi devices. They are cheap, that's about the only good thing I can say about them. They are plagued with issues too. Firstly, Wi-Fi is not a great technology for IoT. It suffers from connectivity issues (despite having an access point per floor!) and knowing that all your appliances are connected to China wasn't reassuring either. The light bulbs would lose connectivity periodically and would set themselves into pairing mode, causing the lights to flicker. The Alexa integration was also very flaky, nothing more annoying that when you're trying to control an appliance via voice, and you realize it would have been faster to just get up and do it manually.

Also, don't get me started on Tuya's ridiculous API terms. It's a joke, you're supposed to pay them to access their API. As an individual developer, you can get an extension of up to 6 months and then you need to contact their customer service and ask for another extension. So every X months your whole smart setup stops working.

UPDATE: Tuya has recently released a new home-assistant integration, it's free and it's not limited to 3 months. I haven't tried it yet though.

The current version

The current version uses Zigbee, MQTT and HomeAssistant. It's programmable, reliable, and it's a lot more secure too. This is going to be a somewhat lengthy post, so I've divided it into the following sections:

Networking

This is a big house, 4 stories require a lot of Wi-Fi coverage. I've got a bunch of access points, all of them are from Ubiquiti. I've been a fan of Ubiquiti's Unifi products for a while now. I've been using their access points for years, and it was a no-brainer to go with them for the rest of the network. I've got an Unifi Dream Machine as the router, and a Switch Lite 8 PoE for network segmentation purposes. Access points are WiFi5, not WiFi6. The house is wired with CAT5e, it's a 1gbps network, didn't make sense to invest on WiFi6+ until the house is wired with CAT8.

There's three main networks: iot, home and guest. The iot network is for all the IoT devices, the home network is used by all the personal devices, and the guest network is for guests. The iot network is segmented from the rest of the network, and it can only access the internet. The home network can access the iot network, but not the other way around. The guest network can only access the internet.

I am running Pi-hole on the server as well, it's the DNS server for all the networks. It prevents ads from being displayed on all the devices, and it also blocks malicious domains. It's also acting as the DHCP server for the network.

The server

The server is a fanless Intel NUC from MINIS FORUM. It's running Ubuntu LTS, and it's got a bunch of services running on it:

Smart home

I've got a bunch of smart home devices, they are all Zigbee. Zigbee is a low-power, low-bandwidth mesh network protocol. It's a lot more reliable than Wi-Fi, and it's a lot more secure too. Zigbee devices are slightly cheaper than their Wi-Fi counterparts. The downside is that Zigbee devices require a Zigbee hub, and they are not as easy to find as Wi-Fi devices. I've got a SONOFF USB dongle acting as a hub, it's plugged into the server running HomeAssistant and Zigbee2MQTT.

Zigbee2MQTT is a bridge between Zigbee devices and MQTT. Devices are paired with Zigbee2MQTT, and then they can be used from HomeAssistant via MQTT. Zigbee2MQTT is a great project, it supports a lot of devices, and it's very easy to use.

HomeAssistant is the brains of the operation. It's an open source home automation platform. It's very powerful, and it's very easy to use. It's got a vibrant community, and it's well documented. As it's written in Python it's very easy to extend, and a breeze to deploy. I've got it running dockerized on the server, and it's been rock solid so far.

Security

As mentioned earlier, there's network segmentation between the three main WiFi networks. This ensures that rogue IoT devices or guests can't access the main network and the devices sitting in it. For Zigbee, I have disabled its autojoin feature, no more devices can join the existing network.

I can securely connect to my home network thanks to tailscale. It's a mesh VPN that's very easy to use, and it's free for personal use. It's got clients for Linux, Android, macOS, etc. I cannot recommend it enough.

My network services are protected by Cloudflare's Zero Trust solution, Cloudflare One. Coupled with ufw, this allows me to restrict access to services in the server with a very fine-grained control.

Finally, in the physical security front, there's wireless cameras in the house perimeter. They are all connected to the iot network. When armed, they are configured to send me a push notification when they detect movement, and they also record a short video clip. The clips are stored in the server, and they are deleted after a few days.

Misc

Smart lights

I've got a bunch of smart lights, but they require also a smart switch to be connected to be really smart. Otherwise you can't control them at all if they are off! I've got a few switches and dimmers, they work pretty well.

Automations

There are several automations now in the house. I've got a few simple ones, like a dedicated button to open and close the shutters in the living room. This handy remote also powers more automations in the living room.

There's also the typical ones, like a motion sensor in the kitchen that automatically turns on the lights when it detects movement in the kitchen at night. I've also got a few more complex ones, like a motion sensor in the bathroom that automatically turns on the lights when it detects movement in the bathroom at night, but only if the lights in the bedroom are off. This way I don't get blinded when I go to the bathroom at night.