enricobuehler
54b75c9be4
apple / swift (push) Successful in 55s
windows-host / package (push) Successful in 2m31s
android / android (push) Successful in 4m40s
ci / rust (push) Successful in 4m43s
ci / web (push) Successful in 30s
ci / docs-site (push) Successful in 34s
deb / build-publish (push) Successful in 2m9s
decky / build-publish (push) Successful in 11s
docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 5s
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 14s
docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 4s
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 4s
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 21s
ci / bench (push) Successful in 4m44s
docker / deploy-docs (push) Successful in 19s
rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 8m6s
rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 8m19s
Follows the security audit (#5/#9): the GameStream-compat plane carries inherent on-path weaknesses that can't be fixed on the wire without breaking stock Moonlight — its pairing runs over plain HTTP (#9, MITM-able during the pairing window) and its legacy control encryption can reuse GCM nonces (#5, a passive eavesdropper can recover/forge input). The native punktfunk/1 plane (SPAKE2 PIN pairing + per-direction AEAD nonces) has neither. So flip the default to secure-by-default: - `serve` → native punktfunk/1 plane + management API ONLY (no GameStream surface). - `serve --gamestream` → ALSO the GameStream/Moonlight-compat planes (nvhttp pairing, RTSP, ENet control, _nvstream mDNS). Opt-in, logged with a trusted-LAN caveat. `--moonlight` is an alias. - The native plane is now ALWAYS on in `serve` (`--native` is a kept-for-compat no-op); the unified GameStream+native host is `serve --gamestream`. `gamestream::serve` gates the GameStream spawns (nvhttp/rtsp/control/mdns) on the flag; the native plane + mgmt + native-pairing handle always run. To avoid silently regressing validated Moonlight deployments, the explicit deployment configs PRESERVE Moonlight via `--gamestream` (each documents dropping it for a secure native-only host): the Linux systemd unit, the Steam Deck installer, and the Windows service default (DEFAULT_HOST_CMD). The bare `serve` default (new/manual use) is secure. Docs swept to match (host-cli, moonlight, quickstart, install, packaging READMEs, CLAUDE.md, README, …): Moonlight setup now instructs `--gamestream`; native/console refs use bare `serve`. OpenAPI regenerated (a stale "run `serve --native`" string). fmt + clippy clean; 94 host tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
55 lines
2.7 KiB
Markdown
55 lines
2.7 KiB
Markdown
---
|
|
title: Connect with Moonlight
|
|
description: Stream from a punktfunk host using any Moonlight client.
|
|
---
|
|
|
|
punktfunk speaks the **GameStream** protocol, so [Moonlight](https://moonlight-stream.org/) connects
|
|
to it like it would to any GameStream host — no punktfunk-specific app needed. It's a great option for
|
|
a browser, a smart TV, or any device without a native client.
|
|
|
|
> Many platforms also have a **native punktfunk client** with lower latency and built-in
|
|
> discovery/pairing — including **Windows** and **Android** (phone and Android TV). See
|
|
> [Clients](/docs/clients) before reaching for Moonlight.
|
|
|
|
## 1. Make sure the host is running with GameStream enabled
|
|
|
|
Moonlight needs the GameStream planes, which are **opt-in**. Run the host with `--gamestream`:
|
|
|
|
```sh
|
|
punktfunk-host serve --gamestream
|
|
```
|
|
|
|
(Bare `serve` is the secure native-only default and stock Moonlight clients can't connect to it; the
|
|
native plane is always on, and `--gamestream` adds the Moonlight-compat surface.) GameStream pairs over
|
|
plain HTTP and its legacy control encryption is weaker than the native plane's, so only enable it on a
|
|
**trusted LAN**. If you run the host as a [service](/docs/running-as-a-service), make sure its
|
|
`ExecStart` includes `--gamestream`. The host advertises itself on the network, so Moonlight usually
|
|
finds it on its own.
|
|
|
|
## 2. Add the host in Moonlight
|
|
|
|
Open Moonlight. Your host should appear automatically on the same network. If it doesn't, use **Add
|
|
Host manually** and enter the host machine's IP address.
|
|
|
|
## 3. Pair
|
|
|
|
Select the host and choose **Pair**. Moonlight shows a 4-digit PIN. On the host, you confirm pairing
|
|
(from the web console, or it accepts the ceremony when armed) — see [Pairing & Trust](/docs/pairing).
|
|
Once paired, Moonlight remembers the host.
|
|
|
|
## 4. Stream
|
|
|
|
Pick an app/desktop and start streaming. The host creates a virtual display at the resolution and
|
|
frame rate Moonlight requests (set these in Moonlight's settings), encodes it on the GPU, and streams
|
|
it. Mouse, keyboard, and controllers flow back to the host.
|
|
|
|
## Tips
|
|
|
|
- **Set your resolution and frame rate in Moonlight's settings** before connecting — the host matches
|
|
whatever Moonlight asks for, creating the virtual display at that exact mode.
|
|
- **Codec:** HEVC (H.265) is a good default; AV1 is available if your client supports it.
|
|
- **Bitrate:** start moderate and raise it. For very high bitrates, the [native
|
|
clients](/docs/clients) have a built-in speed test; with Moonlight, set the bitrate manually.
|
|
- Moonlight uses the GameStream protocol, not punktfunk's native FEC/encryption extensions. On a
|
|
solid LAN this is fine; on a lossy link a [native client](/docs/clients) holds up better.
|