From 832dd7cbf2b437a384fcba2079daeb78db3d6231 Mon Sep 17 00:00:00 2001 From: Joshua King Date: Fri, 5 Jun 2026 19:45:28 -0400 Subject: [PATCH] hub: default to kiosk mode (empty api_key) for the closed LAN The SPA doesn't send X-API-Key, so a non-empty api_key made the dashboard 401 and show no cameras. Default api_key to "" (no auth) for the closed travel-router network, consistent with anonymous MQTT. Document the kiosk decision, the GoPro Hero 3 protocol, and the gotcha that the pull updater deploys only the binary (config.yaml must be changed on the Pi). Co-Authored-By: Claude Opus 4.8 --- CONTEXT.md | 10 ++++++++++ config.yaml | 7 +++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/CONTEXT.md b/CONTEXT.md index 1d2152f..47a9115 100644 --- a/CONTEXT.md +++ b/CONTEXT.md @@ -183,6 +183,16 @@ reach; the Pi pulls instead. status/heartbeat (numeric `millis()`) — the hub ignores it / stamps server-side. 14. **Legacy id migration:** `handleAnnounce` migrates a MAC registered under a different `camera_id` (e.g. a pre-self-id `cam-NNN`) to the node's self-id. +15. **Kiosk API auth:** `api_key: ""` in `config.yaml` = no auth on `/api/v1/*` + (closed LAN, consistent with anonymous MQTT). A non-empty key requires the SPA + to send `X-API-Key` too, or the dashboard 401s and shows no cameras. +16. **Ops gotcha:** the pull updater swaps only the **binary**. `config.yaml` is NOT + auto-deployed — change it on the Pi (`/opt/remoterig/config.yaml` + restart). +17. **GoPro Hero 3 protocol** (validated on a Silver): API host `10.5.5.9`, status + read `GET /camera/se?t=` (binary, starts with 0x00 — read the stream, not + Arduino String), recording = byte 29, battery = byte 19; record start/stop = + `/bacpac/SH?t=&p=%01/%00`. ESP-01S flashing needs RST tied HIGH (RST→GND + holds it in reset) and a known-good UART adapter (verify with a TX↔RX loopback). ## 10. Conventions diff --git a/config.yaml b/config.yaml index 2058275..3b1c4cb 100644 --- a/config.yaml +++ b/config.yaml @@ -4,8 +4,11 @@ # Database db_path: "remoterig.db" -# API Key for endpoint authentication -api_key: "changeme" +# API key for endpoint authentication. Empty = kiosk mode (no auth) — +# intended for the closed travel-router LAN, consistent with anonymous MQTT. +# Set a value to require the X-API-Key header on /api/v1/* (the SPA would +# then need it too). +api_key: "" # Server settings port: 8080