Skip to content

Xiaomi Vacuum setup without Xiaomi Cloud

Jump to bottom Edit New page
Sebastian edited this page Jan 6, 2019 · 11 revisions

This page is work in progress

It is possible to fully set up and control your Xiaomi Vacuum without ever using the Xiaomi app or allow connectivity through the cloud. Using this guide, you'll be able to control your vacuum using Python-miio, or a home automation implementation such as Home-Assistant.

1. Root your device using this guide.

You can use the --disable-xiaomi option when building the firmware to prevent the vacuum from resolving xiaomi cloud servers names.

2. To prevent any data leak, deny the vacuum internet connectivity.

This can be done in multiple ways. The first option was described above, using the --disable-xiaomi build command. This enters common Xiaomi servers to the hosts file, preventing the Vacuum to resolve the DNS entries for these servers. Additionally, you can use iptables on the device itself to prevent any traffic from going outside.

# iptables -A OUTPUT -d 192.168.0.0/16 -j ACCEPT
# iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
# iptables -A OUTPUT -j DROP

Finally, you can deny access in your firewall if you want to be really sure nothing gets out. You need 2 firewall rules (in this order, similar to the ip tables rules above):

  1. Allow traffic coming from the vacuum to your local network
  2. Deny all traffic from the vacuum to anywhere

Local traffic is matched first and allowed, while any other traffic is denied by default.

3. Connect the Xiaomi Vacuum to your own wifi

Get the initial_token first using:

$ mirobo --debug discover --handshake true

With this token call:

$ mirobo --ip=192.168.8.1 --token=initial_token configure-wifi mySSID myPASSWD

After this, your device will generate a new token new_token to be used instead of initial_token. If all went well, you can still connect to your device using SSH. The new token can be obtained by running on the vacuum:

$ printf $(cat /mnt/data/miio/device.token) | xxd -p

Now comes the semi-unknown part. We're not supersure if with the new token, the vacuum accepts commands immediately. If it doesn't, reboot the device (using the reboot command over SSH). After rebooting, try connecting to the device again (using your new token!) with:

$ mirobo --ip=robo_ip --token=new_token status

If it's still not responding, try every hour or so. We're not sure what causes this lack or response, but so far it started working after some time and/or a reboot. (possible explanation: before becoming responsive to the status command the robot tried to resolve ntp servers. After issuing an ntpdate <my_ntp_server_ip> successfully from the command line of the robot it responded immediatly to the status command - anybody can confirm this?) (01/06/2019: Yes, same behavior on my vacuum: Got Flolevac configured but no connect to vacuum. Immediately after ntpdate ptbtime1.ptb.de connection got established)

Add a custom footer

Navigation

Clone this wiki locally