Cobb Hayes
1c8d211ac4
- app/build.gradle.kts: remove hardcoded keystore password (was '***REMOVED***' in 4 spots across a duplicated signingConfigs block). Now reads VARROA_KEYSTORE_PATH + VARROA_KEYSTORE_PASSWORD + VARROA_KEY_PASSWORD from env. Password vaulted as 'Varroa — release keystore'. Drops orphan zxing/camera deps that aren't wired up. - app/src/main/res/xml/network_security_config.xml: tighten cleartext scope from global to just 192.168.0.10 (Bee AP). HTTPS strict for everything else. - app/src/main/java/.../api/AdaMapsApiClient.kt: drop apiKey.take(8) in log to apiKey.length — no need to leak prefix to logcat. - README.md: add. Public repo without one was a bad first impression. - docs/BEE-CAMERA.md: rewrite (811→467 lines). Keep all paths, pinouts, bus diagrams, depthai/VPU/xlink details, intercept architecture. Strip Executive-Summary framing, verdict box, phased roadmap, appendices. - docs/AIR-QUALITY-INTEGRATION.md: rewrite (712→369 lines). Keep BOM, sensor comparisons, wiring, IAQ calc, ingest endpoint shape. Strip feasibility-report scaffolding. - docs/AIR-API-PATCH.py: delete. Was a one-shot apply-and-discard patch script, not docs.
12 lines
526 B
XML
12 lines
526 B
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<network-security-config>
|
|
<!-- HTTPS strict everywhere by default. -->
|
|
<base-config cleartextTrafficPermitted="false" />
|
|
|
|
<!-- Bee AP runs HTTP on the device-AP subnet — there's no real
|
|
alternative without breaking the Bee protocol. Scope the
|
|
cleartext exception to just that one host. -->
|
|
<domain-config cleartextTrafficPermitted="true">
|
|
<domain includeSubdomains="false">192.168.0.10</domain>
|
|
</domain-config>
|
|
</network-security-config>
|