Rotate AdaMaps ingest+read keys (env-required, no inline default)

Previous values (adamaps-ingest-2026, adamaps-read-2026, mapnet-ingest-2026)
were inline defaults across adamaps + adacam-api + varroa. The ingest key
was briefly anon-visible during the 2026-05-27 Forgejo public-flip when
adacam-api + varroa were public for a short window before the leak was
spotted.

New values live in Vaultwarden:
  - AdaMaps — API_KEY (ingest)
  - AdaMaps — READ_KEY

Validators now hard-fail at boot if the env var is missing. Service is
on hold today; when it resumes, both env vars must be set.

app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt

@@ -38,7 +38,7 @@ private object AdaMapsDns : Dns {
 
 class AdaMapsApiClient(
     private var apiUrl: String = "https://api.adamaps.org",
-    private var apiKey: String = "adamaps-ingest-2026"
+    private var apiKey: String = ""
 ) {
     companion object {
         private const val TAG = "VarroaAdaAPI"

app/src/main/java/com/adamaps/varroa/data/SettingsDataStore.kt

@@ -17,7 +17,7 @@ private val Context.dataStore: DataStore<Preferences> by preferencesDataStore(na
 data class VarroaSettings(
     val beeApiUrl: String = "http://192.168.0.10:5000",
     val adamapsApiUrl: String = "https://api.adamaps.org",
-    val adamapsApiKey: String = "adamaps-ingest-2026",
+    val adamapsApiKey: String = "",
     val pollIntervalSeconds: Int = 30,
     val cameraEndpoint: String = "/api/1/camera/frame",
     val cameraRefreshSeconds: Int = 30,
@@ -62,7 +62,7 @@ class SettingsDataStore(private val context: Context) {
         VarroaSettings(
             beeApiUrl = prefs[KEY_BEE_URL] ?: "http://192.168.0.10:5000",
             adamapsApiUrl = prefs[KEY_ADAMAPS_URL] ?: "https://api.adamaps.org",
-            adamapsApiKey = prefs[KEY_ADAMAPS_KEY] ?: "adamaps-ingest-2026",
+            adamapsApiKey = prefs[KEY_ADAMAPS_KEY] ?: "",
             pollIntervalSeconds = prefs[KEY_POLL_INTERVAL] ?: 30,
             cameraEndpoint = prefs[KEY_CAMERA_ENDPOINT] ?: "/api/1/camera/frame",
             cameraRefreshSeconds = prefs[KEY_CAMERA_REFRESH] ?: 30,

blackbox/air-aggregator.service

@@ -10,7 +10,7 @@ RestartSec=10
 ExecStart=/usr/bin/python3 /home/pi/air-aggregator.py
 Environment=BEE_URL=http://192.168.197.1:5000
 Environment=ADAMAPS_URL=https://api.adamaps.org
-Environment=ADAMAPS_KEY=adamaps-ingest-2026
+Environment=ADAMAPS_KEY=
 Environment=DEVICE_ID=blackbox-pi
 Environment=PMS_PORT=/dev/ttyS0
 Environment=SEND_INTERVAL=10

blackbox/air_aggregator.py

@@ -25,7 +25,7 @@ from datetime import datetime, timezone
 # ── Config ────────────────────────────────────────────────────────────────────
 BEE_URL        = os.environ.get("BEE_URL",        "http://192.168.197.1:5000")
 ADAMAPS_URL    = os.environ.get("ADAMAPS_URL",    "https://api.adamaps.org")
-ADAMAPS_KEY    = os.environ.get("ADAMAPS_KEY",    "adamaps-ingest-2026")
+ADAMAPS_KEY    = os.environ.get("ADAMAPS_KEY",    "<your-adamaps-ingest-key>")
 DEVICE_ID      = os.environ.get("DEVICE_ID",      "blackbox-pi")
 PMS_PORT       = os.environ.get("PMS_PORT",       "/dev/ttyS0")
 SEND_INTERVAL  = int(os.environ.get("SEND_INTERVAL", "10"))   # seconds