Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / a274b24dda61ad23cde28d4fe051079529f34a23 / . / meson.options
blob: 298b34ffab32a4bb48a8281cd91480123842dd87 [file] [log] [blame]
# BMCWEB_KVM
option(
'kvm',
type: 'feature',
value: 'enabled',
description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
Video is from the BMCs /dev/videodevice.''',
)
# BMCWEB_TESTS
option(
'tests',
type: 'feature',
value: 'enabled',
description: 'Enable Unit tests for bmcweb',
)
# BMCWEB_VM_WEBSOCKET
option(
'vm-websocket',
type: 'feature',
value: 'enabled',
description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
open the websocket. See
https://github.com/openbmc/jsnbd/blob/master/README.''',
)
option(
'redfish-use-3-digit-messageid',
type: 'feature',
value: 'disabled',
description: '''Prior to a bug fix, bmcweb exposed error messages with a
MessageId of Base.x.y.z.Message which was incorrect.
Enabling this option causes return codes to return the old
incorrect version for backward compatibility. Will be
removed Q2-2025''',
)
# BMCWEB_NBDPROXY
# if you use this option and are seeing this comment, please comment here:
# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
# for this code. At this point, no daemon has been upstreamed that implements
# this interface, so for the moment this appears to be dead code; In leiu of
# removing it, it has been disabled to try to give those that use it the
# opportunity to upstream their backend implementation
#option(
# 'vm-nbdproxy',
# type: 'feature',
# value: 'disabled',
# description: 'Enable the Virtual Media WebSocket.'
#)
# BMCWEB_REST
option(
'rest',
type: 'feature',
value: 'disabled',
description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
Phosphor D-Bus object paths, for example,
/xyz/openbmc_project/logging/entry/enumerate. See
https://github.com/openbmc/docs/blob/master/rest-api.md.''',
)
# BMCWEB_REDFISH
option(
'redfish',
type: 'feature',
value: 'enabled',
description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
)
# BMCWEB_HOST_SERIAL_SOCKET
option(
'host-serial-socket',
type: 'feature',
value: 'enabled',
description: '''Enable host serial console WebSocket. Path is /console0.
See https://github.com/openbmc/docs/blob/master/console.md.''',
)
# BMCWEB_STATIC_HOSTING
option(
'static-hosting',
type: 'feature',
value: 'enabled',
description: '''Enable serving files from the /usr/share/www directory
as paths under /.''',
)
# BMCWEB_REDFISH_BMC_JOURNAL
option(
'redfish-bmc-journal',
type: 'feature',
value: 'enabled',
description: '''Enable BMC journal access through Redfish. Paths are under
/redfish/v1/Managers/bmc/LogServices/Journal.''',
)
# BMCWEB_REDFISH_CPU_LOG
option(
'redfish-cpu-log',
type: 'feature',
value: 'disabled',
description: '''Enable CPU log service transactions through Redfish. Paths
are under /redfish/v1/Systems/system/LogServices/Crashdump'.''',
)
# BMCWEB_REDFISH_DUMP_LOG
option(
'redfish-dump-log',
type: 'feature',
value: 'disabled',
description: '''Enable Dump log service transactions through Redfish. Paths
are under /redfish/v1/Systems/system/LogServices/Dump
and /redfish/v1/Managers/bmc/LogServices/Dump''',
)
# BMCWEB_REDFISH_DBUS_LOG
option(
'redfish-dbus-log',
type: 'feature',
value: 'disabled',
description: '''Enable DBUS log service transactions through Redfish. Paths
are under
/redfish/v1/Systems/system/LogServices/EventLog/Entries''',
)
# BMCWEB_EXPERIMENTAL_REDFISH_DBUS_LOG_SUBSCRIPTION
option(
'experimental-redfish-dbus-log-subscription',
type: 'feature',
value: 'disabled',
description: '''
Allows EventService subscriptions when the redfish-dbus-log option is
enabled.
This option is currently non-functional, given Redfish requirements for
MessageId support in Events.
Option will be removed begining of Q2-2025.
Should not be enabled on any production systems.
''',
)
# BMCWEB_REDFISH_HOST_LOGGER
option(
'redfish-host-logger',
type: 'feature',
value: 'enabled',
description: '''Enable host log service transactions based on
phosphor-hostlogger through Redfish. Paths are under
/redfish/v1/Systems/system/LogServices/HostLogger''',
)
# BMCWEB_REDFISH_PROVISIONING_FEATURE
option(
'redfish-provisioning-feature',
type: 'feature',
value: 'disabled',
description: '''Enable provisioning feature support in redfish. Paths are
under /redfish/v1/Systems/system/''',
)
# BMCWEB_REDFISH_MANAGER_URI_NAME
option(
'redfish-manager-uri-name',
type: 'string',
value: 'bmc',
description: '''The static Redfish Manager ID representing the BMC
instance. This option will appear in the Redfish tree at
/redfish/v1/Managers/<redfish-manager-uri-name>.
Defaults to \'bmc\' which resolves to
/redfish/v1/Managers/bmc''',
)
# BMCWEB_REDFISH_SYSTEM_URI_NAME
option(
'redfish-system-uri-name',
type: 'string',
value: 'system',
description: '''The static Redfish System ID representing the host
instance. This option will appear in the Redfish tree at
/redfish/v1/Systems/<redfish-system-uri-name>.
Defaults to \'system\' which resolves to
/redfish/v1/Systems/system''',
)
# BMCWEB_LOGGING_LEVEL
option(
'bmcweb-logging',
type: 'combo',
choices: [
'disabled',
'enabled',
'debug',
'info',
'warning',
'error',
'critical',
],
value: 'error',
description: '''Enable output the extended logging level.
- disabled: disable bmcweb log traces.
- enabled: treated as 'debug'
- For the other logging level option, see DEVELOPING.md.''',
)
# BMCWEB_BASIC_AUTH
option(
'basic-auth',
type: 'feature',
value: 'enabled',
description: 'Enable basic authentication',
)
# BMCWEB_SESSION_AUTH
option(
'session-auth',
type: 'feature',
value: 'enabled',
description: 'Enable session authentication',
)
# BMCWEB_XTOKEN_AUTH
option(
'xtoken-auth',
type: 'feature',
value: 'enabled',
description: 'Enable xtoken authentication',
)
# BMCWEB_COOKIE_AUTH
option(
'cookie-auth',
type: 'feature',
value: 'enabled',
description: 'Enable cookie authentication',
)
# BMCWEB_MUTUAL_TLS_AUTH
option(
'mutual-tls-auth',
type: 'feature',
value: 'enabled',
description: '''Enables authenticating users through TLS client
certificates. The insecure-disable-ssl must be disabled for
this option to take effect.''',
)
# BMCWEB_MUTUAL_TLS_COMMON_NAME_PARSING_DEFAULT
option(
'mutual-tls-common-name-parsing-default',
type: 'combo',
choices: ['CommonName', 'Whole', 'UserPrincipalName'],
description: '''Default MTLS parse mode to get username from the
client's x509 certificate''',
)
# BMCWEB_IBM_MANAGEMENT_CONSOLE
option(
'ibm-management-console',
type: 'feature',
value: 'disabled',
description: '''Enable the IBM management console specific functionality.
Paths are under /ibm/v1/''',
)
# BMCWEB_GOOGLE_API
option(
'google-api',
type: 'feature',
value: 'disabled',
description: '''Enable the Google specific functionality. Paths are under
/google/v1/''',
)
# BMCWEB_HTTP_BODY_LIMIT
option(
'http-body-limit',
type: 'integer',
min: 0,
max: 512,
value: 30,
description: 'Specifies the http request body length limit',
)
# BMCWEB_REDFISH_NEW_POWERSUBSYSTEM_THERMALSUBSYSTEM
option(
'redfish-new-powersubsystem-thermalsubsystem',
type: 'feature',
value: 'enabled',
description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
and all children schemas. This includes displaying all
sensors in the SensorCollection.''',
)
# BMCWEB_REDFISH_ALLOW_DEPRECATED_POWER_THERMAL
option(
'redfish-allow-deprecated-power-thermal',
type: 'feature',
value: 'enabled',
description: '''Enable/disable the old Power / Thermal. The default
condition is allowing the old Power / Thermal. This
will be disabled by default June 2024. ''',
)
# BMCWEB_REDFISH_OEM_MANAGER_FAN_DATA
option(
'redfish-oem-manager-fan-data',
type: 'feature',
value: 'enabled',
description: '''Enables Redfish OEM fan data on the manager resource.
This includes PID and Stepwise controller data. See
OpenBMCManager schema for more detail.''',
)
# BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS
option(
'redfish-updateservice-use-dbus',
type: 'feature',
value: 'enabled',
description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
to propagate UpdateService requests to the corresponding
updater daemons instead of moving files to /tmp/images dir.
''',
)
# BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE
option(
'redfish-allow-simple-update',
type: 'feature',
value: 'disabled',
description: '''Enables Redfish UpdateService SimpleUpdate Action. Note
that at this time this option is non-functional. Redfish
recommends using MultiPartUpdate.''',
)
option(
'https_port',
type: 'integer',
min: -1,
max: 65535,
value: 443,
description: '''HTTPS default port number. Set to -1 to disable and rely
only on additional_ports''',
)
# Additional ports
# This series of options below allows setting up non-trivial deployments of
# bmcweb, binding specific ports, authentication profiles, and device binds to
# multiple ports.
# Setting these options incorrectly can have severe security consequences and
# should be reserved for platform experts familiar with their particular
# platforms security requirements.
option(
'additional-ports',
type: 'array',
value: [],
description: '''Additional ports to listen to. Allows bmcweb to listen to
multiple ports at a given protocol''',
)
option(
'additional-protocol',
type: 'array',
value: [],
description: '''Allows specifying a specific protocol type for a given
additional-ports index. Allows setting http, https, or both
to each socket index. If not provided for a given
additional-ports index, assumes https.''',
)
option(
'additional-bind-to-device',
type: 'array',
value: [],
description: '''Allows specifying an SO_BINDTODEVICE or BindToDevice systemd
directive for each additional socket file. If not provided
for a given additional-ports index, assumes bind to all
devices''',
)
option(
'additional-auth',
type: 'array',
value: [],
description: '''Allows specifying an authentication profile for each socket
created with additional-ports. Allows auth or noauth, and
defaults to auth if not provided. If noauth is provided,
authentication will not be performed for a given socket/port
index.''',
)
# end additional ports
# BMCWEB_DNS_RESOLVER
option(
'dns-resolver',
type: 'combo',
choices: ['systemd-dbus', 'asio'],
value: 'systemd-dbus',
description: '''Sets which DNS resolver backend should be used.
systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
support. asio relies on boost::asio::tcp::resolver, but cannot resolve
names when boost threading is disabled.''',
)
# BMCWEB_REDFISH_AGGREGATION
option(
'redfish-aggregation',
type: 'feature',
value: 'disabled',
description: 'Allows this BMC to aggregate resources from satellite BMCs',
)
# BMCWEB_HYPERVISOR_COMPUTER_SYSTEM
option(
'hypervisor-computer-system',
type: 'feature',
value: 'disabled',
description: '''This puts a hypervisor computer system resource at
/redfish/v1/Systems/hypervisor. This system resource has children
resources such as EthernetInterfaces and ComputerSystem.Reset.''',
)
# BMCWEB_EXPERIMENTAL_REDFISH_MULTI_COMPUTER_SYSTEM
option(
'experimental-redfish-multi-computer-system',
type: 'feature',
value: 'disabled',
description: '''This is a temporary option flag for staging the
ComputerSystemCollection transition to multi-host. It, as well as the code
still beneath it will be removed on 6/1/2025. Do not enable in a
production environment, or where API stability is required.''',
)
# BMCWEB_EXPERIMENTAL_HTTP2
option(
'experimental-http2',
type: 'feature',
value: 'disabled',
description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
on this option for any production systems. It may have
behavior changes or be removed at any time.''',
)
# BMCWEB_WATCHDOG_TIMEOUT
option(
'watchdog-timeout-seconds',
type: 'integer',
min: 0,
max: 600,
value: 120,
description: '''Specifies the systemd watchdog timeout interval in seconds.
Set to 0 to disable the watchdog.''',
)
# Insecure options. Every option that starts with a `insecure` flag should
# not be enabled by default for any platform, unless the author fully comprehends
# the implications of doing so.In general, enabling these options will cause security
# problems of varying degrees
# BMCWEB_INSECURE_DISABLE_CSRF
option(
'insecure-disable-csrf',
type: 'feature',
value: 'disabled',
description: '''Disable CSRF prevention checks.Should be set to false for
production systems.''',
)
# BMCWEB_INSECURE_DISABLE_SSL
option(
'insecure-disable-ssl',
type: 'feature',
value: 'disabled',
description: '''Disable SSL ports. Should be set to false for production
systems.''',
)
# BMCWEB_INSECURE_DISABLE_AUTH
option(
'insecure-disable-auth',
type: 'feature',
value: 'disabled',
description: '''Disable authentication and authoriztion on all ports.
Should be set to false for production systems.''',
)
# BMCWEB_INSECURE_IGNORE_CONTENT_TYPE
option(
'insecure-ignore-content-type',
type: 'feature',
value: 'disabled',
description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
of the presence of the content-type header. Enabling this
conflicts with the input parsing guidelines, but may be
required to support old clients that may not set the
Content-Type header on payloads.''',
)
# BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION
option(
'insecure-push-style-notification',
type: 'feature',
value: 'disabled',
description: 'Enable HTTP push style eventing feature',
)
# BMCWEB_INSECURE_ENABLE_REDFISH_QUERY
option(
'insecure-enable-redfish-query',
type: 'feature',
value: 'disabled',
description: '''Enables Redfish expand query parameter. This feature is
experimental, and has not been tested against the full
limits of user-facing behavior. It is not recommended to
enable on production systems at this time. Other query
parameters such as only are not controlled by this option.''',
)