kayos
37aefb84c8
Clean Python Flask replacement for odc-api (434k lines Node.js → ~350 lines Python)
- GET /api/1/landmarks/last/{N} - last N detections from SQLite
- POST /api/1/landmarks - ingest detections + forward to AdaMaps
- GET /api/1/gnssConcise/latestValid - GPS fix from Redis
- GET /api/1/status - device status
- GET /api/1/deviceinfo - device identity
- GET /api/1/recording/frames/latest - latest frame path
No /api/1/cmd - that's the CVE, it's gone.
Includes:
- SQLite for local storage + offline queue
- Background thread for AdaMaps retry
- systemd service unit
- install.sh for device deployment
1.5 KiB
1.5 KiB
adacam-api
Clean Python Flask replacement for Hivemapper's odc-api — a 434k-line Node.js monolith with a filed CVE. This service runs on the Hivemapper Bee (HDC-S) dashcam as part of the adacam liberation stack.
What it does
- Serves API endpoints for the Varroa Android app and adamaps-forwarder
- Reads GPS data from Redis (
GNSSFusion30Hz) - Stores landmark detections in SQLite
- Forwards detections to AdaMaps API (with offline queuing)
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/1/landmarks/last/{N} |
Last N detections |
| POST | /api/1/landmarks |
Ingest new detection |
| GET | /api/1/gnssConcise/latestValid |
Current GPS fix |
| GET | /api/1/status |
Device status |
| GET | /api/1/deviceinfo |
Device identity |
| GET | /api/1/recording/frames/latest |
Latest frame path |
Note: /api/1/cmd is intentionally NOT implemented — that was the CVE.
Installation
./install.sh
This will:
- Copy files to
/opt/adacam/ - Install Python dependencies
- Enable and start the systemd service
- Generate a device ID on first run
Configuration
Config file: /data/adacam/config.json
{
"device_id": "auto-generated UUID",
"adamaps_key": "adamaps-ingest-2026",
"adamaps_api": "https://api.adamaps.org",
"ap_interface": "wlp1s0f0",
"tunnel_host": "",
"tunnel_user": "",
"tunnel_port": 2222
}
Requirements
- Python 3.8+
- Redis (for GPS/IMU data)
- Flask, redis-py, requests
License
MIT