enricobuehler
54b75c9be4
Follows the security audit (#5/#9): the GameStream-compat plane carries inherent on-path weaknesses that can't be fixed on the wire without breaking stock Moonlight — its pairing runs over plain HTTP (#9, MITM-able during the pairing window) and its legacy control encryption can reuse GCM nonces (#5, a passive eavesdropper can recover/forge input). The native punktfunk/1 plane (SPAKE2 PIN pairing + per-direction AEAD nonces) has neither. So flip the default to secure-by-default: - `serve` → native punktfunk/1 plane + management API ONLY (no GameStream surface). - `serve --gamestream` → ALSO the GameStream/Moonlight-compat planes (nvhttp pairing, RTSP, ENet control, _nvstream mDNS). Opt-in, logged with a trusted-LAN caveat. `--moonlight` is an alias. - The native plane is now ALWAYS on in `serve` (`--native` is a kept-for-compat no-op); the unified GameStream+native host is `serve --gamestream`. `gamestream::serve` gates the GameStream spawns (nvhttp/rtsp/control/mdns) on the flag; the native plane + mgmt + native-pairing handle always run. To avoid silently regressing validated Moonlight deployments, the explicit deployment configs PRESERVE Moonlight via `--gamestream` (each documents dropping it for a secure native-only host): the Linux systemd unit, the Steam Deck installer, and the Windows service default (DEFAULT_HOST_CMD). The bare `serve` default (new/manual use) is secure. Docs swept to match (host-cli, moonlight, quickstart, install, packaging READMEs, CLAUDE.md, README, …): Moonlight setup now instructs `--gamestream`; native/console refs use bare `serve`. OpenAPI regenerated (a stale "run `serve --native`" string). fmt + clippy clean; 94 host tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2.4 KiB
title, description
| title | description |
|---|---|
| Quick Start | From nothing to streaming — set up a host and connect your first client. |
This is the shortest path to a working stream. Each step links to the details.
1. Set up the host
On your Linux + NVIDIA machine, follow the guide for your system:
Each one covers the NVIDIA driver, the dependencies, and how to build and run the host. Check the Requirements first if you're not sure your machine is a fit.
2. Start the host
From a terminal inside your desktop session (so the host can reach your compositor):
punktfunk-host serve
This is the secure native-only default — the native punktfunk/1 plane plus the web console. To also
serve stock Moonlight clients, add --gamestream (trusted-LAN only; see Moonlight).
The host starts listening and prints its identity fingerprint. It advertises itself on your local
network, so clients can find it by name. Leave it running. (To start it automatically at boot, see
Running as a Service.)
3. Connect and pair a client
On the device you want to stream to, use a native punktfunk client for the lowest latency, or any Moonlight client:
- Native client (Apple, Linux, Windows, Android): open the punktfunk app — your host appears in the list of hosts found on your network. Select it, and when prompted, pair.
- Anything with Moonlight: add the host (it should be discovered automatically), then pair.
To pair, the host needs to show a PIN. Arm pairing from the host's web console — the host displays a 4-digit PIN, you type it into the client, and they trust each other from then on. Pairing is required by default. Full details: Pairing & Trust.
4. Stream
Once paired, select the host and start streaming. The host creates a virtual display at your device's resolution and refresh, and the picture comes up. Mouse, keyboard, and controllers flow back to the host.
Next steps
- Tune resolution, refresh, and bitrate.
- Run the host as a background service so it's always available.
- Hit a snag? See Troubleshooting.