From 7f9bbd3f2160a1735c38d7abcd926efa38dbfb7a Mon Sep 17 00:00:00 2001 From: Cobb Hayes Date: Wed, 27 May 2026 09:17:23 -0700 Subject: [PATCH] Rotate AdaMaps ingest+read keys (env-required, no inline default) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Previous values (adamaps-ingest-2026, adamaps-read-2026, mapnet-ingest-2026) were inline defaults across adamaps + adacam-api + varroa. The ingest key was briefly anon-visible during the 2026-05-27 Forgejo public-flip when adacam-api + varroa were public for a short window before the leak was spotted. New values live in Vaultwarden: - AdaMaps — API_KEY (ingest) - AdaMaps — READ_KEY Validators now hard-fail at boot if the env var is missing. Service is on hold today; when it resumes, both env vars must be set. --- app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt | 2 +- .../main/java/com/adamaps/varroa/data/SettingsDataStore.kt | 4 ++-- blackbox/air-aggregator.service | 2 +- blackbox/air_aggregator.py | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt b/app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt index 9cde0ef..5acaee7 100644 --- a/app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt +++ b/app/src/main/java/com/adamaps/varroa/api/AdaMapsApiClient.kt @@ -38,7 +38,7 @@ private object AdaMapsDns : Dns { class AdaMapsApiClient( private var apiUrl: String = "https://api.adamaps.org", - private var apiKey: String = "adamaps-ingest-2026" + private var apiKey: String = "" ) { companion object { private const val TAG = "VarroaAdaAPI" diff --git a/app/src/main/java/com/adamaps/varroa/data/SettingsDataStore.kt b/app/src/main/java/com/adamaps/varroa/data/SettingsDataStore.kt index 470eea2..6d9adcc 100644 --- a/app/src/main/java/com/adamaps/varroa/data/SettingsDataStore.kt +++ b/app/src/main/java/com/adamaps/varroa/data/SettingsDataStore.kt @@ -17,7 +17,7 @@ private val Context.dataStore: DataStore by preferencesDataStore(na data class VarroaSettings( val beeApiUrl: String = "http://192.168.0.10:5000", val adamapsApiUrl: String = "https://api.adamaps.org", - val adamapsApiKey: String = "adamaps-ingest-2026", + val adamapsApiKey: String = "", val pollIntervalSeconds: Int = 30, val cameraEndpoint: String = "/api/1/camera/frame", val cameraRefreshSeconds: Int = 30, @@ -62,7 +62,7 @@ class SettingsDataStore(private val context: Context) { VarroaSettings( beeApiUrl = prefs[KEY_BEE_URL] ?: "http://192.168.0.10:5000", adamapsApiUrl = prefs[KEY_ADAMAPS_URL] ?: "https://api.adamaps.org", - adamapsApiKey = prefs[KEY_ADAMAPS_KEY] ?: "adamaps-ingest-2026", + adamapsApiKey = prefs[KEY_ADAMAPS_KEY] ?: "", pollIntervalSeconds = prefs[KEY_POLL_INTERVAL] ?: 30, cameraEndpoint = prefs[KEY_CAMERA_ENDPOINT] ?: "/api/1/camera/frame", cameraRefreshSeconds = prefs[KEY_CAMERA_REFRESH] ?: 30, diff --git a/blackbox/air-aggregator.service b/blackbox/air-aggregator.service index 0aed5d5..17be223 100644 --- a/blackbox/air-aggregator.service +++ b/blackbox/air-aggregator.service @@ -10,7 +10,7 @@ RestartSec=10 ExecStart=/usr/bin/python3 /home/pi/air-aggregator.py Environment=BEE_URL=http://192.168.197.1:5000 Environment=ADAMAPS_URL=https://api.adamaps.org -Environment=ADAMAPS_KEY=adamaps-ingest-2026 +Environment=ADAMAPS_KEY= Environment=DEVICE_ID=blackbox-pi Environment=PMS_PORT=/dev/ttyS0 Environment=SEND_INTERVAL=10 diff --git a/blackbox/air_aggregator.py b/blackbox/air_aggregator.py index 24e4205..784c17b 100644 --- a/blackbox/air_aggregator.py +++ b/blackbox/air_aggregator.py @@ -25,7 +25,7 @@ from datetime import datetime, timezone # ── Config ──────────────────────────────────────────────────────────────────── BEE_URL = os.environ.get("BEE_URL", "http://192.168.197.1:5000") ADAMAPS_URL = os.environ.get("ADAMAPS_URL", "https://api.adamaps.org") -ADAMAPS_KEY = os.environ.get("ADAMAPS_KEY", "adamaps-ingest-2026") +ADAMAPS_KEY = os.environ.get("ADAMAPS_KEY", "") DEVICE_ID = os.environ.get("DEVICE_ID", "blackbox-pi") PMS_PORT = os.environ.get("PMS_PORT", "/dev/ttyS0") SEND_INTERVAL = int(os.environ.get("SEND_INTERVAL", "10")) # seconds