Environment Variables
All configuration is loaded via a .env file in the project root. Copy .env.example to .env and populate each value before starting the server.
Reference
| Variable | Required | Description |
|---|---|---|
NODE_ENV | No | development or production. Affects logging behavior. |
PORT | No | Server listen port. Defaults to 3000. |
CESIUM_ION_TOKEN | Yes | Cesium Ion access token. Needed for Google 3D Tiles (asset #2275207). Get one at ion.cesium.com. |
TOMTOM_API_KEY | Yes | TomTom Maps API key for live traffic tiles. A fallback key is hardcoded but may be rate-limited. Get one at developer.tomtom.com. |
AIRNOW_API_KEY | Yes | AirNow API key for real-time AQI data. Free registration at docs.airnowapi.org. |
NY511_API_KEY | No | 511NY API key. Used by the /ny511-cameras proxy endpoint (not the primary camera source). |
TRAFFIC_VIEW_API_KEY | Yes | TrafficView API key for FDOT CCTV cameras. Used by /fdot-cameras. |
EM_FIREBASE_API_KEY | Yes | Firebase Web API key for the Emergency Management project (CORD2). Used to obtain an anonymous Firebase ID token to authenticate CORD2 Cloud Function calls. |
FIREBASE_SERVICE_ACCOUNT_JSON | Yes* | Full Firebase Admin service account JSON as a single-line string. Used in production/Render for CO₂ sensor Firestore access. |
FIREBASE_SERVICE_ACCOUNT_PATH | Yes* | Relative path to a Firebase Admin service account JSON file. Used for local development instead of the JSON env var. |
NOTEHUB_PROJECT_UID | No | Blues Notehub project UID. Used by the legacy /sensor-data endpoint (Notehub-sourced sensors). |
NOTEHUB_ACCESS_TOKEN | No | Blues Notehub bearer token for /sensor-data. |
CODETR_API_KEY | No | Co-DETR (camera interoperability) API key. Exposed to the client via /config. |
* Exactly one of FIREBASE_SERVICE_ACCOUNT_JSON or FIREBASE_SERVICE_ACCOUNT_PATH must be set for CO₂ sensor and history endpoints to function.
Loading Priority for Firebase Credentials
The server checks credentials in this order:
FIREBASE_SERVICE_ACCOUNT_JSON(preferred for cloud deployments — no file path issues)FIREBASE_SERVICE_ACCOUNT_PATH(relative to project root — preferred locally)
If neither is found, CO₂ sensor endpoints return 503 Service Unavailable.
Client-Exposed Variables
The /config endpoint exposes a safe subset to the frontend:
{
"cesiumIonToken": "...",
"codetrApiKey": "..."
}
No secret keys (Firebase, TomTom, AirNow, etc.) are ever sent to the client directly — they are always used server-side as proxy credentials.
Example .env
NODE_ENV=development
PORT=3000
CESIUM_ION_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
TOMTOM_API_KEY=your_tomtom_key_here
AIRNOW_API_KEY=your_airnow_key_here
TRAFFIC_VIEW_API_KEY=your_trafficview_key_here
EM_FIREBASE_API_KEY=AIzaSy...
# Local dev: use file path
FIREBASE_SERVICE_ACCOUNT_PATH=co2_firebase_utils/service_key.json
CODETR_API_KEY=your_codetr_key_here