docs(web-console): fix stale http:// URLs — the console serves HTTPS on :47992
ci / docs-site (push) Successful in 48s
ci / web (push) Successful in 53s
docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 10s
decky / build-publish (push) Successful in 17s
docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 9s
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 14s
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 7s
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 52s
arch / build-publish (push) Has been cancelled
ci / bench (push) Has been cancelled
ci / rust (push) Has been cancelled
deb / build-publish (push) Has been cancelled
android / android (push) Has been cancelled
apple / swift (push) Has been cancelled
apple / screenshots (push) Has been cancelled
docker / deploy-docs (push) Has been cancelled
rpm / build-publish (43, bazzite, punktfunk-fedora-rpm) (push) Has been cancelled
rpm / build-publish (44, fedora-44, punktfunk-fedora44-rpm) (push) Has been cancelled
windows-host / package (push) Has been cancelled

The punktfunk-web unit serves HTTP/1.1 over TLS with the host's own
self-signed identity cert, but several guides still told users to open
http://<host>:47992, which fails. Correct the scheme everywhere and note
the one-time browser cert warning in the canonical + SteamOS docs.

The RPM %post web hint was doubly wrong (http://<host-ip>:3000): wrong
scheme and wrong port — the service listens on :47992, not the :3000 dev
default. Also fixes scripts/web-init.sh, so the URL the SteamOS/Linux
installer prints at the end of setup is correct too.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-07-12 12:14:52 +02:00
parent ad532b08a0
commit 63bc2bb10f
8 changed files with 12 additions and 10 deletions
+1 -1
View File
@@ -85,7 +85,7 @@ fallback without one. More detail — including the CLI `punktfunk-host service
systemctl --user enable --now punktfunk-web
```
Then open `http://<host-ip>:47992`. Reading its [login password](/docs/web-console#login-password)
Then open `https://<host-ip>:47992`. Reading its [login password](/docs/web-console#login-password)
and [arming PIN pairing](/docs/web-console#arm-pairing) are covered in
[The Web Console](/docs/web-console).
+2 -1
View File
@@ -86,7 +86,8 @@ When it finishes it prints the web-console URL and how to pair.
By default the host **requires PIN pairing** (secure). Two ways to pair:
- **Web console** (printed at the end of step 2): open `http://<device-ip>:47992`,
- **Web console** (printed at the end of step 2): open `https://<device-ip>:47992` (self-signed host
cert — your browser warns once; trust it and continue),
[arm pairing](/docs/web-console#arm-pairing), and enter the PIN on your client.
- **From the client directly**: pick this host (it advertises over mDNS as `_punktfunk._udp`) and
enter the PIN the host shows.
+4 -3
View File
@@ -5,7 +5,8 @@ description: Enable the punktfunk browser console, read or change its login pass
The web console is the browser UI for a punktfunk host — live status, paired devices, and the PIN
pairing flow. It ships as the **`punktfunk-web`** systemd user unit on Linux and the **`PunktfunkWeb`**
task on Windows, and serves on **`http://<host-ip>:47992`**. It's the surface you expose on the LAN to
task on Windows, and serves on **`https://<host-ip>:47992`** (HTTPS with the host's own self-signed
identity cert — your browser warns once; trust it and continue). It's the surface you expose on the LAN to
administer the host; the host's own management API (47990) keeps every admin action loopback-only and
off-loopback serves only read-only status + game-library browsing to paired clients.
@@ -19,11 +20,11 @@ off-loopback serves only read-only status + game-library browsing to paired clie
```sh
systemctl --user enable --now punktfunk-web
# then browse to http://<host-ip>:47992
# then browse to https://<host-ip>:47992
```
- **Windows host:** the installer sets up the console, its runtime, and the `PunktfunkWeb` task and
starts it at boot. There is nothing to enable — open `http://<this-PC>:47992`.
starts it at boot. There is nothing to enable — open `https://<this-PC>:47992`.
- **SteamOS host:** the install script builds and starts the console as a user service for you. It
prints the URL when it finishes.
+1 -1
View File
@@ -64,7 +64,7 @@ the Windows specifics follow.
The installer also sets up the **web management console** (status, paired devices, the PIN pairing
flow): it bundles the console plus its own runtime and runs it as the **`PunktfunkWeb`** task on
**`http://<this-PC>:47992`**, starting at boot.
**`https://<this-PC>:47992`**, starting at boot.
#### Console login password
+1 -1
View File
@@ -85,7 +85,7 @@ ujust add-user-to-input-group # virtual gamepads need /dev/uinput (re-
mkdir -p ~/.config/punktfunk
cp /usr/share/punktfunk/host.env.bazzite ~/.config/punktfunk/host.env # gamescope defaults
systemctl --user enable --now punktfunk-host
# Web console — enable it and read the auto-generated login password (then open http://<host-ip>:47992):
# Web console — enable it and read the auto-generated login password (then open https://<host-ip>:47992):
systemctl --user enable --now punktfunk-web
journalctl --user -u punktfunk-web-init | sed -n 's/.*password generated: //p'
```
+1 -1
View File
@@ -383,7 +383,7 @@ echo "punktfunk-web installed. Enable the console for your user:"
echo " systemctl --user enable --now punktfunk-web"
echo "A login password is generated on first start read it with:"
echo " journalctl --user -u punktfunk-web-init | sed -n 's/.*password generated: //p'"
echo "Then open http://<host-ip>:3000"
echo "Then open https://<host-ip>:47992"
%endif
%changelog
+1 -1
View File
@@ -15,5 +15,5 @@ if [ ! -s "$PWFILE" ]; then
(umask 077; printf 'PUNKTFUNK_UI_PASSWORD=%s\n' "$PW" > "$PWFILE")
chmod 600 "$PWFILE" 2>/dev/null || true
echo "punktfunk web console login password generated: $PW"
echo "(stored in $PWFILE — open http://<host-ip>:47992 and log in)"
echo "(stored in $PWFILE — open https://<host-ip>:47992 and log in)"
fi
+1 -1
View File
@@ -40,7 +40,7 @@ bun and runs `punktfunk-host.exe web setup`, which registers the **`PunktfunkWeb
(at boot, as SYSTEM, restart-on-failure) running `{app}\web\web-run.cmd`
`bun …\.output\server\index.mjs` on `:47992`, opens inbound TCP 47992, and writes the login password to
`%ProgramData%\punktfunk\web-password` (ACL'd to Administrators + SYSTEM). The mgmt bearer token it
proxies with is the host's own `%ProgramData%\punktfunk\mgmt-token`. Browse `http://<host-ip>:47992`
proxies with is the host's own `%ProgramData%\punktfunk\mgmt-token`. Browse `https://<host-ip>:47992`
and log in with the password the installer shows on its final page. To change it, edit
`web-password` and re-run the task: `schtasks /run /tn PunktfunkWeb`.