Commit graph

10 commits

Author SHA1 Message Date
Sulkta
bc631bc112 docs: rewrite README for public release
General-purpose README for external users; tidy CI workflow comment.
2026-06-28 12:53:13 -07:00
Sulkta
6c27b75208 ci: add gitleaks workflow 2026-05-27 22:14:29 -07:00
Sulkta
e0b6fa0baa audit follow-ups: deps floor, LICENSE, gate /debug/redis-keys
- requirements.txt: bump floors past known CVEs (flask>=2.3.2 fixes
  CVE-2023-30861, requests>=2.32.0 fixes CVE-2023-32681 + CVE-2024-35195,
  redis>=5.0 fixes CVE-2023-28858/9).
- LICENSE: add MIT text (README claimed MIT but the file was missing).
- /api/1/debug/redis-keys: require auth. Was unauthenticated info-disclosure
  on the LAN/AP side.
2026-05-27 09:22:12 -07:00
Sulkta
2f0d39baef Require AdaMaps API keys via env (no inline default)
Ingest and read keys are now read from environment variables
instead of inline defaults. Validators hard-fail at boot if either
env var is unset.
2026-05-27 09:17:22 -07:00
Sulkta
bbb0d0d676 fix: GPS from SQLite framekms (confirmed live device schema)
odc-api.db confirmed present on device. framekms table has:
  latitude, longitude, altitude, hdop, satellites_used, time
NOT lat_deg/lon_deg/alt_m/num_satellites as previously assumed.
Redis fallback retained, supports both field naming conventions.
API response format unchanged (still returns lat_deg/lon_deg for client compat).
2026-03-14 20:51:26 -07:00
Sulkta
75a8321014 fix: pre-release review — frames dir, wigle config GET, debug redis-keys endpoint
CRITICAL:
- frames.py: FRAMES_DIR corrected to /tmp/adacam/pics
- frames.py: graceful handling when capture not started

IMPORTANT:
- wigle.py: added GET /api/1/wigle/config endpoint for the companion app
- app.py: added GET /api/1/debug/redis-keys endpoint for GPS troubleshooting
- install.sh: removed python validation that runs from wrong directory
2026-03-14 17:59:08 -07:00
Sulkta
70b677b802 feat: wigle config and status endpoints 2026-03-14 15:49:32 -07:00
Sulkta
990060ac2c feat: bearer token auth, pairing, wifi config, ssh toggle, remove /cmd 2026-03-14 11:47:10 -07:00
Sulkta
7acc5ab088 Initial commit: adacam-api v1.0.0
Clean Python Flask replacement for odc-api (434k lines Node.js → ~350 lines Python)
- GET /api/1/landmarks/last/{N} - last N detections from SQLite
- POST /api/1/landmarks - ingest detections + forward to AdaMaps
- GET /api/1/gnssConcise/latestValid - GPS fix from Redis
- GET /api/1/status - device status
- GET /api/1/deviceinfo - device identity
- GET /api/1/recording/frames/latest - latest frame path

No /api/1/cmd - that's the CVE, it's gone.

Includes:
- SQLite for local storage + offline queue
- Background thread for AdaMaps retry
- systemd service unit
- install.sh for device deployment
2026-03-14 08:13:04 -07:00
Sulkta
5dd91b0b15 Initial commit 2026-03-14 08:11:41 -07:00