How to avoid Xiaomi sucking up your life? Adding Yeelights? (security and local use)

Hi all
New to HomeAssistant and have been trying to figure out how to use my Yeelights without Xiaomi sucking up all my data after seeing how they roll… 🧐 https://www.youtube.com/watch?v=uhyM-bhzFsI

Very dodgy that they require you to go through the cloud… so I’m trying to figure out ‘how do I get my lights on my local wifi network without having them snoop everything’. Came across this post - https://www.home-assistant.io/integrations/yeelight/ - but it seems to be for more advanced users and wasn’t clear to me.

Was wondering if anyone in the community may be able to please help close some knowledge gaps re the following:

  1. Can one add IoT devices in general to a local network / wifi without divulging info to the producer?
  2. How can I add a Yeelight to my HomeAssistant without connecting it to the wifi? Or is this necessary (I already enabled the ‘developer’ mode on the app via a mobile hotspot network) so am hoping there’s some way…
  3. If I must connect the Yeelight to my wifi, won’t giving it my wifi password let them snoop and the local software on the Yeelight send data back to Xiaomi like they do for their other devices? Is there some way to create a sub-wifi password or limited access, or bluetooth or something so that I can ensure Xiaomi never gets access to my internet and can only be used locally?

If anyone has views or advice on what to read next this would really help.
Thanks!

Yes. Create an IoT WiFi network for your smart home devices that blocks outside connections, i.e. only works locally.

You can’t, they are WiFi bulbs.

See first comment.

You can block the Xiaomi/Yeelights from accessing the mothership once you have them set up. You won’t be able to use the native app then of course but they will work fine in HA with the mothership blocked.

Thanks @kanga_who and @DavidFW1960

Is setting up a separate IoT network something you can do via a dual-band router – e.g. I have a TP-Link vr1600v which offers 2.4 GHz and 5 GHz wifis – or is it better to buy a completely different router to do this in your view?

I’m not familiar with that equipment, so can’t comment on what it can/cannot do, sorry.

If you are looking to set up a rock solid network for the future, look into Ubiquiti gear. It’s great BFYB and has almost endless options, including creating multiple networks with individual configs.

Thanks Kanga

Is it OK to run HomeAssistant on the internet Wifi (with a WLAN connecting to the 2nd router (IoT Wifi)) or should HomeAssistant be run from a 2nd computer / Raspberry Pi that connects to the IoT wifi?

Presumably if the first option works, there’s some kind of secure way to pass the local IP info from the IoT wifi to the internet Wifi layer so that HomeAssistant can send and receive messages.
Presume that there’s a way to send

If you run HA on the IoT network you will be able to access it only from that network. The same is valid for your lights: if they are on the IoT network but HA is on the main network, HA and the bulb won’t be able to communicate.
To solve this issue the two different networks must be connected with a router, which should also manage the rule to prevent the IoT network from accessing the internet.

Even if it is probably good practice to create different networks, if you have only a few devices it may not be worth it. You should first check if your TP-Link can prevent specific devices from talking to the internet, without having to create different networks.

I hope to have been helpful

Rob has a number of good videos on how to set up your network with IoT and normal devices. Check his blog and YouTube channel.

http://www.thesmarthomehookup.com/unifi-setup-from-scratch-setting-up-vlans-and-firewall-rules/

Thanks for the comments @lucala and @kanga_who

That tutorial from Rob was good. After some more research I set up a 2 tier router system as described in http://aztcs.org/meeting_notes/winhardsig/networks/routers/routers-2plus.pdf

My router can blacklist (block) all web traffic to the IoT wifi / router. But I’m not sure if it can route / allow devices / smartlights to talk from the IoT router to the main internet router. So have submitted a ticket.

Tried to add the Yeelights to the IoT Wifi (that has internet blocked) but they wouldn’t sync. I tested a phone hotspot with internet access and they do sync. So I think Xiaomi requires you to sync to the internet for initial setup to work… and then perhaps you can unplug the internet going forward…

This does seem dodgy though. Why do the lights need to talk to the internet to set up? Should they just communicate locally? Anyway, next step is to find out how to find the lights’ IP addresses to try and allow IoT wifi (after blacklisting) to talk to NAS Home Assistant app on Wifi (with internet).
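
Added example, not part of the original thread or of Home Assistant's code: one way to find the bulbs' IP addresses without the cloud, using Yeelight's LAN-control discovery (multicast search on 239.255.255.250:1982, answered only by bulbs with LAN control / developer mode enabled). The sample reply is constructed; the function names are this example's own.

```python
import socket
from urllib.parse import urlsplit

# Yeelight LAN-control discovery: bulbs answer only with LAN control enabled.
MCAST_ADDR = ("239.255.255.250", 1982)
SEARCH = (b"M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1982\r\n"
          b'MAN: "ssdp:discover"\r\nST: wifi_bulb\r\n')
# Constructed sample reply (not captured from a real bulb).
SAMPLE_REPLY = (b"HTTP/1.1 200 OK\r\nLocation: yeelight://192.168.1.239:55443\r\n"
                b"id: 0x000000000015243f\r\nmodel: color\r\npower: on\r\n")

def parse_reply(data):
    """Return the reply headers plus host/port, or None if not a valid bulb reply."""
    lines = data.decode("utf-8", "replace").split("\r\n")
    if not lines[0].startswith("HTTP/1.1 200"):
        return None
    info = {}
    for line in lines[1:]:
        key, sep, value = line.partition(":")
        if sep:
            info[key.strip().lower()] = value.strip()
    try:
        loc = urlsplit(info.get("location", ""))
        host, port = loc.hostname, loc.port  # .port raises on a malformed port
    except ValueError:
        return None
    if loc.scheme != "yeelight" or not host or not port:
        return None
    info["host"], info["port"] = host, port
    return info

def discover(timeout=3.0):
    """Multicast one search and return the replies keyed by bulb id."""
    bulbs = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        # TTL 1: the search never crosses a router, so run this on the bulbs' network.
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)
        s.settimeout(timeout)
        s.sendto(SEARCH, MCAST_ADDR)
        try:
            while True:
                info = parse_reply(s.recvfrom(2048)[0])
                if info:
                    bulbs[info.get("id", info["host"])] = info
        except socket.timeout:
            pass  # no more replies within the timeout
    return bulbs

if __name__ == "__main__":
    for bulb in discover().values():
        print(bulb["host"], bulb["port"], bulb.get("model"))
```

In a two-router setup, run it from a machine joined to the IoT router's WiFi; the addresses it returns are the ones to pin with DHCP reservations and reference in any allow rule for Home Assistant.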