Levi Woodard
16e2465cf5
This bundles every fix we made debugging the first real install plus a comprehensive troubleshooting reference. Working tree is now PII-safe for public distribution: hostname-based default mode is driven by a HEADLESS_HOSTS env var instead of a hardcoded literal; docs use placeholders for hostnames and LAN IPs. Self-healing headless management - bin/sunshine-prestart.sh (new): runs as systemd ExecStartPre. Resolves the Hyprland instance signature from XDG_RUNTIME_DIR/hypr when systemd-user env didn't propagate it. Reduces to exactly one headless output by keeping the lowest-numbered HEADLESS-N and removing the rest. Rewrites the managed sunshine.conf's output_name line to match the surviving name — Hyprland's HEADLESS-N counter is monotonic and ignores the optional name argument to 'output create headless', so without active sync output_name drifts off HEADLESS-1 after the first restart cycle. - bin/sunshine-stream-do.sh: dropped the hardcoded MON=HEADLESS-1. Now discovers whatever HEADLESS-* exists via jq. Resize and workspace migration target the actual output. - bin/sunshine-stream-undo.sh: reads the headless name from a state file the do-script wrote, with discovery fallback. Stops removing the output between sessions — the create/destroy race caused fatal startup encoder errors on the next Sunshine restart. - files/headless-prestart.conf, files/sunshine.service: ExecStartPre now points at the new prestart script. - lib/headless.sh: install_headless_hooks now installs all three scripts. New install_headless_prestart_dropin resolves the actual systemd unit name (sunshine.service vs app-dev.lizardbyte.app.Sunshine.service) and lands the drop-in under <unit>.service.d/. Firewall detection - lib/firewall.sh: _ufw_active now uses 'systemctl is-active ufw.service' instead of 'ufw status'. The latter requires root to read /etc/ufw state, so the unprivileged probe returned false and we silently skipped opening Sunshine's ports on hosts where ufw was actively dropping packets. Service unit fallbacks - lib/service.sh: ensure_sunshine_unit_present looks for sunshine.service in every systemd-user path first; falls back to the reverse-DNS AUR-source unit name; last resort drops a repo-provided fallback unit. systemctl reset-failed before each restart so a previous start-limit-hit doesn't immediately reject the new attempt. Preflight - lib/preflight.sh: new preflight_headless step that, only when STREAM_MODE is headless, surfaces missing hyprctl / jq / Hyprland reachability before install proceeds. Public-safe defaults - install.sh: streaming-mode default is now driven by HEADLESS_HOSTS env var (comma-separated, case-insensitive). Unset by default — every host gets mirror mode unless its hostname is listed or --headless is passed explicitly. Past versions hardcoded a specific hostname. - README.md: replaced JARVIS-specific examples with HEADLESS_HOSTS prose. Docs - docs/TROUBLESHOOTING.md (new): comprehensive failure-mode reference. Every issue hit during the first end-to-end install, in order, with symptom → cause → fix → permanent prevention. Plus a "Custom keybinding to escape Moonlight" section and an outstanding-followups punch list (1Password black-rectangle workarounds, hypridle inhibit during stream, busiest- workspace auto-switch, jarvis.lan DNS, 1Password SSH agent timeouts).
64 lines
2.0 KiB
Bash
64 lines
2.0 KiB
Bash
#!/usr/bin/env bash
|
|
# Open Sunshine's ports on whatever firewall is active.
|
|
# Sunshine ports:
|
|
# TCP: 47984, 47989, 47990, 48010
|
|
# UDP: 47998, 47999, 48000, 48010
|
|
|
|
SUNSHINE_TCP_PORTS=(47984 47989 47990 48010)
|
|
SUNSHINE_UDP_PORTS=(47998 47999 48000 48010)
|
|
|
|
_firewalld_active() { systemctl is-active --quiet firewalld 2>/dev/null; }
|
|
|
|
# ufw is a Type=oneshot unit with RemainAfterExit=true. Its `ufw status`
|
|
# command requires root to read /etc/ufw state, so an unprivileged check
|
|
# returns nothing and silently misses an active firewall. Use systemd's
|
|
# unit state instead — it works without sudo.
|
|
_ufw_active() {
|
|
command -v ufw >/dev/null 2>&1 || return 1
|
|
systemctl is-active ufw.service >/dev/null 2>&1
|
|
}
|
|
|
|
_iptables_has_rules() {
|
|
command -v iptables >/dev/null 2>&1 || return 1
|
|
# Heuristic: more than the default 3 chains-with-no-rules output lines means rules exist.
|
|
[[ "$(as_root iptables -S 2>/dev/null | wc -l)" -gt 3 ]]
|
|
}
|
|
|
|
open_sunshine_ports() {
|
|
if _firewalld_active; then
|
|
info "firewalld is active — opening ports"
|
|
local p
|
|
for p in "${SUNSHINE_TCP_PORTS[@]}"; do
|
|
as_root firewall-cmd --permanent --add-port="${p}/tcp" >/dev/null
|
|
done
|
|
for p in "${SUNSHINE_UDP_PORTS[@]}"; do
|
|
as_root firewall-cmd --permanent --add-port="${p}/udp" >/dev/null
|
|
done
|
|
as_root firewall-cmd --reload >/dev/null
|
|
ok "Opened Sunshine ports in firewalld"
|
|
return 0
|
|
fi
|
|
|
|
if _ufw_active; then
|
|
info "ufw is active — opening ports"
|
|
local p
|
|
for p in "${SUNSHINE_TCP_PORTS[@]}"; do
|
|
as_root ufw allow "${p}/tcp" >/dev/null
|
|
done
|
|
for p in "${SUNSHINE_UDP_PORTS[@]}"; do
|
|
as_root ufw allow "${p}/udp" >/dev/null
|
|
done
|
|
ok "Opened Sunshine ports in ufw"
|
|
return 0
|
|
fi
|
|
|
|
if _iptables_has_rules; then
|
|
warn "iptables rules detected but no managed firewall (ufw/firewalld). Open these ports manually:"
|
|
warn " TCP: ${SUNSHINE_TCP_PORTS[*]}"
|
|
warn " UDP: ${SUNSHINE_UDP_PORTS[*]}"
|
|
return 0
|
|
fi
|
|
|
|
info "No active firewall detected — nothing to configure."
|
|
}
|