enricobuehler
54b75c9be4
Follows the security audit (#5/#9): the GameStream-compat plane carries inherent on-path weaknesses that can't be fixed on the wire without breaking stock Moonlight — its pairing runs over plain HTTP (#9, MITM-able during the pairing window) and its legacy control encryption can reuse GCM nonces (#5, a passive eavesdropper can recover/forge input). The native punktfunk/1 plane (SPAKE2 PIN pairing + per-direction AEAD nonces) has neither. So flip the default to secure-by-default: - `serve` → native punktfunk/1 plane + management API ONLY (no GameStream surface). - `serve --gamestream` → ALSO the GameStream/Moonlight-compat planes (nvhttp pairing, RTSP, ENet control, _nvstream mDNS). Opt-in, logged with a trusted-LAN caveat. `--moonlight` is an alias. - The native plane is now ALWAYS on in `serve` (`--native` is a kept-for-compat no-op); the unified GameStream+native host is `serve --gamestream`. `gamestream::serve` gates the GameStream spawns (nvhttp/rtsp/control/mdns) on the flag; the native plane + mgmt + native-pairing handle always run. To avoid silently regressing validated Moonlight deployments, the explicit deployment configs PRESERVE Moonlight via `--gamestream` (each documents dropping it for a secure native-only host): the Linux systemd unit, the Steam Deck installer, and the Windows service default (DEFAULT_HOST_CMD). The bare `serve` default (new/manual use) is secure. Docs swept to match (host-cli, moonlight, quickstart, install, packaging READMEs, CLAUDE.md, README, …): Moonlight setup now instructs `--gamestream`; native/console refs use bare `serve`. OpenAPI regenerated (a stale "run `serve --native`" string). fmt + clippy clean; 94 host tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2.7 KiB
title, description
| title | description |
|---|---|
| Connect with Moonlight | Stream from a punktfunk host using any Moonlight client. |
punktfunk speaks the GameStream protocol, so Moonlight connects to it like it would to any GameStream host — no punktfunk-specific app needed. It's a great option for a browser, a smart TV, or any device without a native client.
Many platforms also have a native punktfunk client with lower latency and built-in discovery/pairing — including Windows and Android (phone and Android TV). See Clients before reaching for Moonlight.
1. Make sure the host is running with GameStream enabled
Moonlight needs the GameStream planes, which are opt-in. Run the host with --gamestream:
punktfunk-host serve --gamestream
(Bare serve is the secure native-only default and stock Moonlight clients can't connect to it; the
native plane is always on, and --gamestream adds the Moonlight-compat surface.) GameStream pairs over
plain HTTP and its legacy control encryption is weaker than the native plane's, so only enable it on a
trusted LAN. If you run the host as a service, make sure its
ExecStart includes --gamestream. The host advertises itself on the network, so Moonlight usually
finds it on its own.
2. Add the host in Moonlight
Open Moonlight. Your host should appear automatically on the same network. If it doesn't, use Add Host manually and enter the host machine's IP address.
3. Pair
Select the host and choose Pair. Moonlight shows a 4-digit PIN. On the host, you confirm pairing (from the web console, or it accepts the ceremony when armed) — see Pairing & Trust. Once paired, Moonlight remembers the host.
4. Stream
Pick an app/desktop and start streaming. The host creates a virtual display at the resolution and frame rate Moonlight requests (set these in Moonlight's settings), encodes it on the GPU, and streams it. Mouse, keyboard, and controllers flow back to the host.
Tips
- Set your resolution and frame rate in Moonlight's settings before connecting — the host matches whatever Moonlight asks for, creating the virtual display at that exact mode.
- Codec: HEVC (H.265) is a good default; AV1 is available if your client supports it.
- Bitrate: start moderate and raise it. For very high bitrates, the native clients have a built-in speed test; with Moonlight, set the bitrate manually.
- Moonlight uses the GameStream protocol, not punktfunk's native FEC/encryption extensions. On a solid LAN this is fine; on a lossy link a native client holds up better.