Your Phone Is Snitching On You
Google Timeline knows where you ate lunch six weeks ago. Life360 sells your location data to insurance companies — that’s not a conspiracy theory, it came out in court filings. Find My Friends is fine until someone decides to check it at the wrong moment.
Here’s the thing: you’ve got a perfectly capable home server sitting there, and your Home Assistant already controls your lights, your thermostat, maybe even your garage door. What it doesn’t know is where you actually are — and that’s the gap OwnTracks fills.
OwnTracks is an open-source iOS/Android app that publishes your phone’s GPS position to an MQTT broker you control. No Google. No Apple cloud sync. No third-party “family safety” platform harvesting your commute patterns. Just your phone, your broker, your data.
This walkthrough gets you from zero to “lights on when I pull in the driveway” in an afternoon.
What You’re Actually Building
The stack has three moving parts:
- Mosquitto — MQTT broker. Phones publish their location here.
- OwnTracks Recorder — Stores the location history, serves a web frontend.
- Home Assistant — Reads the MQTT stream, knows you’re home, fires automations.
All three run in Docker. Your phones connect to Mosquitto over TLS so your location isn’t traveling the internet in plaintext. Home Assistant’s built-in MQTT device tracker picks up the messages automatically.
Step 1: Deploy Mosquitto with TLS
You need a certificate for your broker. If you’re running Caddy or Nginx with Let’s Encrypt elsewhere on the same host, you can reuse those certs. Otherwise, self-signed is fine for a LAN-only setup — you’ll just need to trust it on your phones.
services: mosquitto: image: eclipse-mosquitto:2.0 container_name: mosquitto restart: unless-stopped ports: - "1883:1883" # plain (internal only — firewall this) - "8883:8883" # TLS (phones connect here) - "9001:9001" # WebSocket (optional, for web clients) volumes: - ./mosquitto/config:/mosquitto/config - ./mosquitto/data:/mosquitto/data - ./mosquitto/log:/mosquitto/log - ./certs:/certs:roNow the config. Drop this in ./mosquitto/config/mosquitto.conf:
persistence truepersistence_location /mosquitto/data/log_dest file /mosquitto/log/mosquitto.loglog_level warning
# Plain listener — bind to loopback onlylistener 1883 127.0.0.1allow_anonymous false
# TLS listener — phones connect herelistener 8883cafile /certs/ca.crtcertfile /certs/server.crtkeyfile /certs/server.keyrequire_certificate falseallow_anonymous false
# Password filepassword_file /mosquitto/config/passwdCreate credentials for your phones (and Home Assistant):
# Create the passwd filedocker run --rm -it -v $(pwd)/mosquitto/config:/mosquitto/config \ eclipse-mosquitto:2.0 \ mosquitto_passwd -c /mosquitto/config/passwd phone_alice
# Add a second user (no -c flag or you'll overwrite)docker run --rm -it -v $(pwd)/mosquitto/config:/mosquitto/config \ eclipse-mosquitto:2.0 \ mosquitto_passwd /mosquitto/config/passwd phone_bob
# Add one for Home Assistantdocker run --rm -it -v $(pwd)/mosquitto/config:/mosquitto/config \ eclipse-mosquitto:2.0 \ mosquitto_passwd /mosquitto/config/passwd homeassistantGenerating Self-Signed Certs (Quick Version)
If you don’t have real certs handy:
mkdir -p certs && cd certs
# CA key + certopenssl genrsa -out ca.key 4096openssl req -new -x509 -days 1826 -key ca.key -out ca.crt \ -subj "/CN=MyHomeMQTT-CA"
# Server key + CSRopenssl genrsa -out server.key 2048openssl req -new -key server.key -out server.csr \ -subj "/CN=mqtt.home.example.com"
# Sign itopenssl x509 -req -days 1826 -in server.csr \ -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crtReplace mqtt.home.example.com with your actual hostname or IP. Whatever your phone will connect to — that’s the CN that matters.
Step 2: OwnTracks Recorder
The Recorder is optional but genuinely useful. It keeps your location history locally, and ships a web frontend so you can see everyone’s tracks on a map without leaving your network.
owntracks-recorder: image: owntracks/recorder:latest container_name: owntracks-recorder restart: unless-stopped ports: - "8083:8083" environment: OTR_HOST: mosquitto OTR_PORT: 1883 OTR_USER: homeassistant OTR_PASS: your_ha_password_here OTR_STORAGEDIR: /store volumes: - ./owntracks/store:/store depends_on: - mosquittoNote: the Recorder talks to Mosquitto over the plain 1883 port since they’re on the same Docker network — no TLS needed for that hop.
The web frontend lands at http://your-server:8083/. It’s not pretty, but it shows you a map with track lines, and you can scrub through history. Handy for “wait, why did my wife’s phone say she was at the airport last Thursday.”
Step 3: Phone Setup
Install OwnTracks from the App Store or Play Store. The settings screen is a wall of fields — here’s what actually matters.
In the app, go to Preferences → Connection:
- Mode: MQTT
- Host:
mqtt.home.example.com(or your server’s IP) - Port: 8883
- TLS: On
- Username / Password: the credentials you created (e.g.,
phone_alice/ that password) - Device ID: Something short, like
aliceoriphone - Tracker ID: Two chars max, shows on the map —
al,bo, whatever
If you used self-signed certs, you need to trust the CA on the device:
- iOS: Email yourself
ca.crt, open it, go to Settings → General → VPN & Device Management → install it, then Settings → General → About → Certificate Trust Settings → enable it - Android: Settings → Security → Install certificates → CA certificate → pick your
ca.crt
Once connected, the app shows a green dot and starts publishing. You should see messages appearing in Mosquitto’s log almost immediately.
Verify It’s Working
# Subscribe to all OwnTracks topics to see live updatesdocker exec -it mosquitto mosquitto_sub \ -h localhost -p 1883 \ -u homeassistant -P your_ha_password_here \ -t 'owntracks/#' -vYou should see JSON messages like:
owntracks/alice/iphone {"_type":"location","lat":37.7749,"lon":-122.4194,"acc":10,"tst":1750000000,"batt":82}If that’s showing up, your phones are talking to your broker.
Step 4: Home Assistant Integration
MQTT Broker Configuration
In HA, go to Settings → Devices & Services → Add Integration → MQTT.
Fill in:
- Broker: your server IP
- Port: 1883 (internal) or 8883 if HA is on a different machine
- Username:
homeassistant - Password: the one you set earlier
HA will auto-discover OwnTracks devices if you have the OwnTracks integration enabled. Check Settings → Devices & Services — you should see a new “OwnTracks” card appear after your phones publish their first location.
Alternatively, explicitly enable it in configuration.yaml:
owntracks: max_gps_accuracy: 200 # ignore fixes worse than 200m waypoints: true # accept waypoint/region messages from phones mqtt_topic: "owntracks/#"Restart HA. Within a minute or two, you’ll see person entities for each tracked phone under Settings → People — assuming you’ve linked them to HA people/users.
Linking to People
In HA, go to Settings → People, edit a person, and under Linked Devices add the OwnTracks tracker for their phone. Now the person entity (person.alice) shows home or not_home based on the GPS position.
Step 5: Geofences and Waypoints
OwnTracks supports two kinds of boundaries:
App-side waypoints: Defined in the OwnTracks app under Preferences → Regions. The phone monitors these locally and publishes a transition event (enter/leave) to MQTT. Battery-friendly since the phone’s geofence API handles it natively.
HA zones: Define zones in HA (configuration.yaml or via the UI) and HA calculates presence from the raw GPS coordinates.
You want both. Use app-side waypoints for your home (fast response, battery-efficient). Use HA zones for secondary locations like “work” or “gym” where you want automations but don’t need sub-second response.
In the OwnTracks app:
- Tap the map long-press → Add Waypoint
- Name it
home(exactly — HA matches on this name for thehomezone) - Set radius: 100m is usually fine, 200m if your GPS is wobbly
- Enable Share so it publishes to MQTT
In configuration.yaml for HA zones:
zone: - name: Work latitude: 37.7900 longitude: -122.4000 radius: 150 icon: mdi:briefcase
- name: Gym latitude: 37.7800 longitude: -122.4100 radius: 100 icon: mdi:dumbbellStep 6: Automations That Actually Matter
This is why you went through all this trouble. Some useful examples:
Lights On When First Person Arrives
- alias: "Arrive Home: Welcome Lights" trigger: - platform: state entity_id: group.family to: "home" from: "not_home" condition: - condition: sun after: sunset action: - service: light.turn_on target: area_id: living_room data: brightness_pct: 80 kelvin: 3000Last One Out: Security Mode
- alias: "Depart Home: Everyone Gone" trigger: - platform: state entity_id: group.family to: "not_home" action: - service: alarm_control_panel.alarm_arm_away target: entity_id: alarm_control_panel.home - service: climate.set_hvac_mode target: entity_id: climate.thermostat data: hvac_mode: "away" - service: light.turn_off target: area_id: allNotify When Someone Leaves Work
- alias: "Alice Leaving Work" trigger: - platform: state entity_id: person.alice from: "Work" action: - service: notify.bob_phone data: message: "Alice just left work. ETA ~25 min."The group.family in the first two automations is a group entity that reflects “home” when any member is home. Create it under Settings → Helpers → Group.
Battery Drain: The Honest Numbers
OwnTracks has two tracking modes:
Significant location changes (Move mode off): The phone only publishes when iOS/Android’s significant-change API fires — basically when you change cell towers. Battery impact is negligible, maybe 1-2% per day. The trade-off: home/away transitions can lag 2-10 minutes.
Move mode on: The phone actively polls GPS at a configurable interval. Much faster transitions (30-60 seconds), but you’ll see 8-15% extra battery drain per day on a typical commute.
For most people: leave Move mode off. The 5-minute lag on “Alice is home” before the lights turn on is annoying exactly once, and then you stop caring. Your phone’s battery matters more than instant automation.
If you drive an EV and the car is charging anyway, enable Move mode on the in-car phone. Best of both worlds.
OwnTracks vs. The Alternatives
Google Timeline / Find My Friends: Convenient, free, thoroughly surveilled. Google knows when you left the bar at 11 PM. Life360 literally sold driving behavior data to insurers. If that’s fine with you, great — but you’re here, so it probably isn’t.
GPSLogger: Good self-hosted option, no built-in HA integration. More setup for less payoff.
Traccar: Full fleet tracking platform, massive overkill for a household. Great if you have company vehicles; weird if you’re just tracking your family.
OwnTracks: Hits the sweet spot. Purpose-built for exactly this use case, solid HA integration out of the box, active development, iOS and Android, no server-side processing you don’t control.
The one thing OwnTracks doesn’t do well: indoor positioning. When your phone is in your basement surrounded by concrete, GPS goes fuzzy. The max_gps_accuracy setting filters out garbage fixes, but you might still see phantom “not home” blips. Combine it with a WiFi-based presence sensor (ESPresense via ESP32 Bluetooth scanners, or just HA’s companion app on local WiFi) if you need rock-solid indoor accuracy.
The Bottom Line
OwnTracks is the boring-right answer to private location tracking. No accounts to create, no subscriptions, no terms of service that let a marketing company license your commute. Your MQTT broker, your Recorder, your data.
The setup takes an afternoon — mostly the TLS cert dance and trusting it on your phones. After that it just runs. The automations pay for themselves within a week: “lights on when I get home” sounds trivial until you’ve had it for a month and then experience a power outage that breaks it.
If you’ve already got Mosquitto running for other HA integrations, adding OwnTracks is genuinely a 30-minute job. If you’re standing up Mosquitto fresh, budget two hours and follow the TLS steps exactly. Self-signed certs on iOS are fiddly the first time.
Self-host your location. It’s your data. Act like it.
