enricobuehler
54b75c9be4
Follows the security audit (#5/#9): the GameStream-compat plane carries inherent on-path weaknesses that can't be fixed on the wire without breaking stock Moonlight — its pairing runs over plain HTTP (#9, MITM-able during the pairing window) and its legacy control encryption can reuse GCM nonces (#5, a passive eavesdropper can recover/forge input). The native punktfunk/1 plane (SPAKE2 PIN pairing + per-direction AEAD nonces) has neither. So flip the default to secure-by-default: - `serve` → native punktfunk/1 plane + management API ONLY (no GameStream surface). - `serve --gamestream` → ALSO the GameStream/Moonlight-compat planes (nvhttp pairing, RTSP, ENet control, _nvstream mDNS). Opt-in, logged with a trusted-LAN caveat. `--moonlight` is an alias. - The native plane is now ALWAYS on in `serve` (`--native` is a kept-for-compat no-op); the unified GameStream+native host is `serve --gamestream`. `gamestream::serve` gates the GameStream spawns (nvhttp/rtsp/control/mdns) on the flag; the native plane + mgmt + native-pairing handle always run. To avoid silently regressing validated Moonlight deployments, the explicit deployment configs PRESERVE Moonlight via `--gamestream` (each documents dropping it for a secure native-only host): the Linux systemd unit, the Steam Deck installer, and the Windows service default (DEFAULT_HOST_CMD). The bare `serve` default (new/manual use) is secure. Docs swept to match (host-cli, moonlight, quickstart, install, packaging READMEs, CLAUDE.md, README, …): Moonlight setup now instructs `--gamestream`; native/console refs use bare `serve`. OpenAPI regenerated (a stale "run `serve --native`" string). fmt + clippy clean; 94 host tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
4.6 KiB
title, description
| title | description |
|---|---|
| Install the Host | Install the punktfunk host — on Linux from its package registry, or on Windows from a signed installer. |
On Linux, the package registries are the real distribution channel. Pick your distro, add the repo, and install with your native package manager. Each row links to the full per-distro guide (add the repo, first-run steps, the web console) — those are the source of truth, so this page doesn't duplicate them. On Windows (NVIDIA), the host ships as a signed installer instead — see Windows.
Pick your distro
| Distro | Package manager | One-command happy path | Guide |
|---|---|---|---|
| Ubuntu / Debian | apt | sudo apt install punktfunk-host |
Ubuntu — GNOME · Ubuntu — KDE · packaging/debian |
| Fedora / Bazzite | rpm-ostree | rpm-ostree install punktfunk punktfunk-web |
Fedora — KDE · Bazzite · packaging/rpm |
| Arch | PKGBUILD | makepkg -si |
packaging/arch |
| SteamOS (host) | on-device script | bash scripts/steamdeck/install.sh |
SteamOS (Host) |
Each registry is public — no auth, you just trust the repo's signing key. Adding the repo is a
one-time step covered in the linked guide; after that, normal apt upgrade / rpm-ostree upgrade
tracks new builds automatically.
Windows (NVIDIA)
punktfunk also runs as a native host on Windows 10/11 (x64) with an NVIDIA GPU, shipped as a signed installer — see Windows Host for what it includes and its limitations.
-
From the packages page (generic group), download the newest
punktfunk-host-setup-<ver>.exeand its matching.cer. -
Trust the publisher certificate once. The installer is signed with a self-signed certificate whose public
.ceris published next to it — the same certificate for every release, so this is genuinely one-time and later updates need nothing. In an admin PowerShell:Import-Certificate -FilePath .\punktfunk-host-setup.cer ` -CertStoreLocation Cert:\LocalMachine\TrustedPublisher -
Run
punktfunk-host-setup-<ver>.exe(elevated). It installs toC:\Program Files\punktfunk, optionally installs the bundled SudoVDA virtual-display driver, and registers + starts theLocalSystemservice (/VERYSILENTfor an unattended install). Upgrades and uninstall go through Add/Remove Programs.
You need an NVIDIA GPU + driver (the host is NVENC-only on Windows). More detail — including the CLI
punktfunk-host service install path — is in
Running as a Service → Windows.
What the packages are
punktfunk-host— the streaming host. Install this on your Linux + NVIDIA gaming machine.punktfunk-web— the browser management console (pairing + status). Recommended alongside the host; on RPM list it explicitly (rpm-ostree install punktfunk punktfunk-web).punktfunk-client— the GTK4 desktop client, for streaming to a Linux box (also shipped via apt / RPM / Arch / Flatpak). On a Steam Deck, this is the package you want.
After installing
-
Add yourself to the
inputgroup (virtual gamepads need/dev/uinput), then re-login. The exact command differs per distro — see your guide (usermod -aG input "$USER", orujust add-user-to-input-groupon Bazzite). -
Start the host inside your desktop session:
punktfunk-host serveBare
serveis the secure native-only default (nativepunktfunk/1+ the web console). On a trusted LAN, add--gamestreamto also serve stock Moonlight clients. -
Enable the web console and read its login password, then open
http://<host-ip>:3000:systemctl --user enable --now punktfunk-web journalctl --user -u punktfunk-web-init | sed -n 's/.*password generated: //p'
From there, follow the Quick Start to pair your first client. To run the host automatically at boot, see Running as a Service.
Building from source
If no package exists for your platform, you can build from source — see the repository README. Source builds are a fallback; the registries are the supported path.