blob: 915f4279765e7af3166970bd68888501db555ab6 [file] [log] [blame]
Ed Tanousc5bcf352024-09-25 16:41:10 -07001# BMCWEB_KVM
Ed Tanous0cd5f782022-04-26 16:09:09 -07002option(
Ed Tanous0cd5f782022-04-26 16:09:09 -07003 'kvm',
4 type: 'feature',
5 value: 'enabled',
6 description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
Ed Tanous50b37022024-06-25 13:00:04 -07007 Video is from the BMCs /dev/videodevice.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -07008)
9
Ed Tanousc5bcf352024-09-25 16:41:10 -070010# BMCWEB_TESTS
Ed Tanous0cd5f782022-04-26 16:09:09 -070011option(
12 'tests',
13 type: 'feature',
14 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -070015 description: 'Enable Unit tests for bmcweb',
Ed Tanous0cd5f782022-04-26 16:09:09 -070016)
17
Ed Tanousc5bcf352024-09-25 16:41:10 -070018# BMCWEB_VM_WEBSOCKET
Ed Tanous0cd5f782022-04-26 16:09:09 -070019option(
20 'vm-websocket',
21 type: 'feature',
22 value: 'enabled',
Ed Tanous36c0f2a2024-02-09 13:50:26 -080023 description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
Ed Tanous0cd5f782022-04-26 16:09:09 -070024 open the websocket. See
Ed Tanous50b37022024-06-25 13:00:04 -070025 https://github.com/openbmc/jsnbd/blob/master/README.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070026)
Ed Tanousefb80622021-02-20 11:04:01 -080027
Ed Tanous56b81992024-12-02 10:36:37 -080028option(
29 'redfish-use-3-digit-messageid',
30 type: 'feature',
31 value: 'disabled',
32 description: '''Prior to a bug fix, bmcweb exposed error messages with a
33 MessageId of Base.x.y.z.Message which was incorrect.
34 Enabling this option causes return codes to return the old
35 incorrect version for backward compatibility. Will be
36 removed Q2-2025'''
37)
38
Ed Tanousc5bcf352024-09-25 16:41:10 -070039# BMCWEB_NBDPROXY
Ed Tanousefb80622021-02-20 11:04:01 -080040# if you use this option and are seeing this comment, please comment here:
41# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
42# for this code. At this point, no daemon has been upstreamed that implements
43# this interface, so for the moment this appears to be dead code; In leiu of
44# removing it, it has been disabled to try to give those that use it the
45# opportunity to upstream their backend implementation
Ed Tanous0cd5f782022-04-26 16:09:09 -070046#option(
47# 'vm-nbdproxy',
Ed Tanous36c0f2a2024-02-09 13:50:26 -080048# type: 'feature',
49# value: 'disabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -070050# description: 'Enable the Virtual Media WebSocket.'
51#)
52
Ed Tanousc5bcf352024-09-25 16:41:10 -070053# BMCWEB_REST
Ed Tanous0cd5f782022-04-26 16:09:09 -070054option(
55 'rest',
56 type: 'feature',
57 value: 'disabled',
58 description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
59 Phosphor D-Bus object paths, for example,
60 /xyz/openbmc_project/logging/entry/enumerate. See
Ed Tanous50b37022024-06-25 13:00:04 -070061 https://github.com/openbmc/docs/blob/master/rest-api.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070062)
63
Ed Tanousc5bcf352024-09-25 16:41:10 -070064# BMCWEB_REDFISH
Ed Tanous0cd5f782022-04-26 16:09:09 -070065option(
66 'redfish',
67 type: 'feature',
68 value: 'enabled',
69 description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
Ed Tanous50b37022024-06-25 13:00:04 -070070 https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070071)
72
Ed Tanousc5bcf352024-09-25 16:41:10 -070073# BMCWEB_HOST_SERIAL_SOCKET
Ed Tanous0cd5f782022-04-26 16:09:09 -070074option(
75 'host-serial-socket',
76 type: 'feature',
77 value: 'enabled',
78 description: '''Enable host serial console WebSocket. Path is /console0.
Ed Tanous50b37022024-06-25 13:00:04 -070079 See https://github.com/openbmc/docs/blob/master/console.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070080)
81
Ed Tanousc5bcf352024-09-25 16:41:10 -070082# BMCWEB_STATIC_HOSTING
Ed Tanous0cd5f782022-04-26 16:09:09 -070083option(
84 'static-hosting',
85 type: 'feature',
86 value: 'enabled',
87 description: '''Enable serving files from the /usr/share/www directory
Ed Tanous50b37022024-06-25 13:00:04 -070088 as paths under /.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070089)
90
Ed Tanousc5bcf352024-09-25 16:41:10 -070091# BMCWEB_REDFISH_BMC_JOURNAL
Ed Tanous0cd5f782022-04-26 16:09:09 -070092option(
93 'redfish-bmc-journal',
94 type: 'feature',
Willy Tuf8483672022-05-10 15:08:10 -070095 value: 'enabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -070096 description: '''Enable BMC journal access through Redfish. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -070097 /redfish/v1/Managers/bmc/LogServices/Journal.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -070098)
99
Ed Tanousc5bcf352024-09-25 16:41:10 -0700100# BMCWEB_REDFISH_CPU_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700101option(
102 'redfish-cpu-log',
103 type: 'feature',
104 value: 'disabled',
105 description: '''Enable CPU log service transactions through Redfish. Paths
Ed Tanous50b37022024-06-25 13:00:04 -0700106 are under /redfish/v1/Systems/system/LogServices/Crashdump'.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700107)
108
Ed Tanousc5bcf352024-09-25 16:41:10 -0700109# BMCWEB_REDFISH_DUMP_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700110option(
111 'redfish-dump-log',
112 type: 'feature',
113 value: 'disabled',
114 description: '''Enable Dump log service transactions through Redfish. Paths
115 are under /redfish/v1/Systems/system/LogServices/Dump
Ed Tanous50b37022024-06-25 13:00:04 -0700116 and /redfish/v1/Managers/bmc/LogServices/Dump''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700117)
118
Ed Tanousc5bcf352024-09-25 16:41:10 -0700119# BMCWEB_REDFISH_DBUS_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700120option(
121 'redfish-dbus-log',
122 type: 'feature',
123 value: 'disabled',
124 description: '''Enable DBUS log service transactions through Redfish. Paths
125 are under
Ed Tanous50b37022024-06-25 13:00:04 -0700126 /redfish/v1/Systems/system/LogServices/EventLog/Entries''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700127)
128
Alexander Hansen6c58a032024-11-21 15:27:04 -0800129# BMCWEB_EXPERIMENTAL_REDFISH_DBUS_LOG_SUBSCRIPTION
130option(
131 'experimental-redfish-dbus-log-subscription',
132 type: 'feature',
133 value: 'disabled',
134 description: '''
135 Allows EventService subscriptions when the redfish-dbus-log option is
136 enabled.
137 This option is currently non-functional, given Redfish requirements for
138 MessageId support in Events.
139 Option will be removed begining of Q2-2025.
140 Should not be enabled on any production systems.
141 ''',
142)
143
Ed Tanousc5bcf352024-09-25 16:41:10 -0700144# BMCWEB_REDFISH_HOST_LOGGER
Ed Tanous0cd5f782022-04-26 16:09:09 -0700145option(
146 'redfish-host-logger',
147 type: 'feature',
148 value: 'enabled',
149 description: '''Enable host log service transactions based on
150 phosphor-hostlogger through Redfish. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -0700151 /redfish/v1/Systems/system/LogServices/HostLogger''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700152)
153
Ed Tanousc5bcf352024-09-25 16:41:10 -0700154# BMCWEB_REDFISH_PROVISIONING_FEATURE
Ed Tanous0cd5f782022-04-26 16:09:09 -0700155option(
156 'redfish-provisioning-feature',
157 type: 'feature',
158 value: 'disabled',
159 description: '''Enable provisioning feature support in redfish. Paths are
Ed Tanous50b37022024-06-25 13:00:04 -0700160 under /redfish/v1/Systems/system/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700161)
162
Ed Tanousc5bcf352024-09-25 16:41:10 -0700163# BMCWEB_REDFISH_MANAGER_URI_NAME
Ed Tanous0cd5f782022-04-26 16:09:09 -0700164option(
Ed Tanous253f11b2024-05-16 09:38:31 -0700165 'redfish-manager-uri-name',
166 type: 'string',
167 value: 'bmc',
168 description: '''The static Redfish Manager ID representing the BMC
169 instance. This option will appear in the Redfish tree at
170 /redfish/v1/Managers/<redfish-manager-uri-name>.
171 Defaults to \'bmc\' which resolves to
Ed Tanous50b37022024-06-25 13:00:04 -0700172 /redfish/v1/Managers/bmc''',
Ed Tanous253f11b2024-05-16 09:38:31 -0700173)
174
Ed Tanousc5bcf352024-09-25 16:41:10 -0700175# BMCWEB_REDFISH_SYSTEM_URI_NAME
Ed Tanous253f11b2024-05-16 09:38:31 -0700176option(
177 'redfish-system-uri-name',
178 type: 'string',
179 value: 'system',
180 description: '''The static Redfish System ID representing the host
181 instance. This option will appear in the Redfish tree at
182 /redfish/v1/Systems/<redfish-system-uri-name>.
183 Defaults to \'system\' which resolves to
Ed Tanous50b37022024-06-25 13:00:04 -0700184 /redfish/v1/Systems/system''',
Ed Tanous253f11b2024-05-16 09:38:31 -0700185)
186
Ed Tanousc5bcf352024-09-25 16:41:10 -0700187# BMCWEB_LOGGING_LEVEL
Ed Tanous253f11b2024-05-16 09:38:31 -0700188option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700189 'bmcweb-logging',
Myung Bae662aa6e2023-01-10 14:20:28 -0600190 type: 'combo',
Ed Tanous92e26be2024-08-21 13:39:14 -0700191 choices: [
192 'disabled',
193 'enabled',
194 'debug',
195 'info',
196 'warning',
197 'error',
198 'critical',
199 ],
Ed Tanous4d1db042024-02-16 13:08:34 -0800200 value: 'error',
Myung Bae662aa6e2023-01-10 14:20:28 -0600201 description: '''Enable output the extended logging level.
202 - disabled: disable bmcweb log traces.
203 - enabled: treated as 'debug'
Ed Tanous50b37022024-06-25 13:00:04 -0700204 - For the other logging level option, see DEVELOPING.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700205)
206
Ed Tanousc5bcf352024-09-25 16:41:10 -0700207# BMCWEB_BASIC_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700208option(
209 'basic-auth',
210 type: 'feature',
211 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700212 description: 'Enable basic authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700213)
214
Ed Tanousc5bcf352024-09-25 16:41:10 -0700215# BMCWEB_SESSION_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700216option(
217 'session-auth',
218 type: 'feature',
219 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700220 description: 'Enable session authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700221)
222
Ed Tanousc5bcf352024-09-25 16:41:10 -0700223# BMCWEB_XTOKEN_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700224option(
225 'xtoken-auth',
226 type: 'feature',
227 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700228 description: 'Enable xtoken authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700229)
230
Ed Tanousc5bcf352024-09-25 16:41:10 -0700231# BMCWEB_COOKIE_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700232option(
233 'cookie-auth',
234 type: 'feature',
235 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700236 description: 'Enable cookie authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700237)
238
Ed Tanousc5bcf352024-09-25 16:41:10 -0700239# BMCWEB_MUTUAL_TLS_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700240option(
241 'mutual-tls-auth',
242 type: 'feature',
243 value: 'enabled',
244 description: '''Enables authenticating users through TLS client
245 certificates. The insecure-disable-ssl must be disabled for
Ed Tanous50b37022024-06-25 13:00:04 -0700246 this option to take effect.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700247)
248
Ed Tanousc5bcf352024-09-25 16:41:10 -0700249# BMCWEB_MUTUAL_TLS_COMMON_NAME_PARSING_DEFAULT
Ed Tanous0cd5f782022-04-26 16:09:09 -0700250option(
Ed Tanous3ce36882024-06-09 10:58:16 -0700251 'mutual-tls-common-name-parsing-default',
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700252 type: 'combo',
Ed Tanous3ce36882024-06-09 10:58:16 -0700253 choices: ['CommonName', 'Whole', 'UserPrincipalName', 'Meta'],
254 description: '''
255 Parses the Subject CN in the format used by
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700256 Meta Inc (see mutual_tls_meta.cpp for details)
Ed Tanous50b37022024-06-25 13:00:04 -0700257 ''',
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700258)
259
Ed Tanousc5bcf352024-09-25 16:41:10 -0700260# BMCWEB_META_TLS_COMMON_NAME_PARSING
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700261option(
Ed Tanous3ce36882024-06-09 10:58:16 -0700262 'meta-tls-common-name-parsing',
263 type: 'feature',
264 description: '''
265 Allows parsing the Subject CN TLS certificate in the format used by
266 Meta Inc (see mutual_tls_meta.cpp for details)
267 ''',
268)
269
Ed Tanousc5bcf352024-09-25 16:41:10 -0700270# BMCWEB_IBM_MANAGEMENT_CONSOLE
Ed Tanous3ce36882024-06-09 10:58:16 -0700271option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700272 'ibm-management-console',
273 type: 'feature',
274 value: 'disabled',
275 description: '''Enable the IBM management console specific functionality.
Ed Tanous50b37022024-06-25 13:00:04 -0700276 Paths are under /ibm/v1/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700277)
278
Ed Tanousc5bcf352024-09-25 16:41:10 -0700279# BMCWEB_GOOGLE_API
Ed Tanous0cd5f782022-04-26 16:09:09 -0700280option(
281 'google-api',
282 type: 'feature',
283 value: 'disabled',
284 description: '''Enable the Google specific functionality. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -0700285 /google/v1/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700286)
287
Ed Tanousc5bcf352024-09-25 16:41:10 -0700288# BMCWEB_HTTP_BODY_LIMIT
Ed Tanous0cd5f782022-04-26 16:09:09 -0700289option(
290 'http-body-limit',
291 type: 'integer',
292 min: 0,
293 max: 512,
294 value: 30,
Ed Tanous50b37022024-06-25 13:00:04 -0700295 description: 'Specifies the http request body length limit',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700296)
297
Ed Tanousc5bcf352024-09-25 16:41:10 -0700298# BMCWEB_REDFISH_NEW_POWERSUBSYSTEM_THERMALSUBSYSTEM
Ed Tanous0cd5f782022-04-26 16:09:09 -0700299option(
300 'redfish-new-powersubsystem-thermalsubsystem',
301 type: 'feature',
Gunnar Mills86159152024-02-06 14:54:39 -0600302 value: 'enabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700303 description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
304 and all children schemas. This includes displaying all
Ed Tanous50b37022024-06-25 13:00:04 -0700305 sensors in the SensorCollection.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700306)
307
Ed Tanousc5bcf352024-09-25 16:41:10 -0700308# BMCWEB_REDFISH_ALLOW_DEPRECATED_POWER_THERMAL
Ed Tanous0cd5f782022-04-26 16:09:09 -0700309option(
310 'redfish-allow-deprecated-power-thermal',
311 type: 'feature',
312 value: 'enabled',
313 description: '''Enable/disable the old Power / Thermal. The default
Gunnar Mills86159152024-02-06 14:54:39 -0600314 condition is allowing the old Power / Thermal. This
Ed Tanous50b37022024-06-25 13:00:04 -0700315 will be disabled by default June 2024. ''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700316)
317
Ed Tanousc5bcf352024-09-25 16:41:10 -0700318# BMCWEB_REDFISH_OEM_MANAGER_FAN_DATA
Ed Tanous0cd5f782022-04-26 16:09:09 -0700319option(
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000320 'redfish-oem-manager-fan-data',
321 type: 'feature',
322 value: 'enabled',
323 description: '''Enables Redfish OEM fan data on the manager resource.
324 This includes PID and Stepwise controller data. See
Myung Bae1d19d872024-09-10 09:42:32 -0400325 OpenBMCManager schema for more detail.''',
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000326)
327
Ed Tanousc5bcf352024-09-25 16:41:10 -0700328# BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000329option(
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700330 'redfish-updateservice-use-dbus',
331 type: 'feature',
332 value: 'disabled',
333 description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
334 to propagate UpdateService requests to the corresponding
335 updater daemons instead of moving files to /tmp/images dir.
336 This option is temporary, should not be enabled on any
337 production systems. The code will be moved to the normal
338 code update flow and the option will be removed at the end
339 of Q3 2024.
Ed Tanous50b37022024-06-25 13:00:04 -0700340 ''',
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700341)
342
Ed Tanousc5bcf352024-09-25 16:41:10 -0700343# BMCWEB_HTTPS_PORT
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700344option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700345 'https_port',
346 type: 'integer',
347 min: 1,
348 max: 65535,
349 value: 443,
Ed Tanous50b37022024-06-25 13:00:04 -0700350 description: 'HTTPS Port number.',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700351)
Manojkiran Edaaf6298d2020-05-27 08:51:32 +0530352
Ed Tanousc5bcf352024-09-25 16:41:10 -0700353# BMCWEB_DNS_RESOLVER
Carson Labrado7fb33562022-04-18 23:26:56 +0000354option(
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700355 'dns-resolver',
356 type: 'combo',
357 choices: ['systemd-dbus', 'asio'],
358 value: 'systemd-dbus',
359 description: '''Sets which DNS resolver backend should be used.
360 systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
361 support. asio relies on boost::asio::tcp::resolver, but cannot resolve
Ed Tanous50b37022024-06-25 13:00:04 -0700362 names when boost threading is disabled.''',
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700363)
364
Ed Tanousc5bcf352024-09-25 16:41:10 -0700365# BMCWEB_REDFISH_AGGREGATION
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700366option(
Carson Labrado7fb33562022-04-18 23:26:56 +0000367 'redfish-aggregation',
368 type: 'feature',
369 value: 'disabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700370 description: 'Allows this BMC to aggregate resources from satellite BMCs',
Carson Labrado7fb33562022-04-18 23:26:56 +0000371)
372
Ed Tanousc5bcf352024-09-25 16:41:10 -0700373# BMCWEB_HYPERVISOR_COMPUTER_SYSTEM
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800374option(
Gunnar Mills68896202024-08-21 11:34:20 -0500375 'hypervisor-computer-system',
376 type: 'feature',
377 value: 'disabled',
378 description: '''This puts a hypervisor computer system resource at
379 /redfish/v1/Systems/hypervisor. This system resource has children
380 resources such as EthernetInterfaces and ComputerSystem.Reset.''',
381)
382
Ed Tanousc5bcf352024-09-25 16:41:10 -0700383# BMCWEB_EXPERIMENTAL_REDFISH_MULTI_COMPUTER_SYSTEM
Gunnar Mills68896202024-08-21 11:34:20 -0500384option(
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800385 'experimental-redfish-multi-computer-system',
386 type: 'feature',
387 value: 'disabled',
388 description: '''This is a temporary option flag for staging the
389 ComputerSystemCollection transition to multi-host. It, as well as the code
Gunnar Mills1f1fb4f2024-10-02 15:02:19 -0500390 still beneath it will be removed on 3/1/2025. Do not enable in a
Ed Tanous50b37022024-06-25 13:00:04 -0700391 production environment, or where API stability is required.''',
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800392)
393
Ed Tanousc5bcf352024-09-25 16:41:10 -0700394# BMCWEB_EXPERIMENTAL_HTTP2
Ed Tanousfca2cbe2021-01-28 14:49:59 -0800395option(
396 'experimental-http2',
397 type: 'feature',
398 value: 'disabled',
399 description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
400 on this option for any production systems. It may have
Ed Tanous50b37022024-06-25 13:00:04 -0700401 behavior changes or be removed at any time.''',
Ed Tanousfca2cbe2021-01-28 14:49:59 -0800402)
403
Manojkiran Edaaf6298d2020-05-27 08:51:32 +0530404# Insecure options. Every option that starts with a `insecure` flag should
405# not be enabled by default for any platform, unless the author fully comprehends
406# the implications of doing so.In general, enabling these options will cause security
407# problems of varying degrees
408
Ed Tanousc5bcf352024-09-25 16:41:10 -0700409# BMCWEB_INSECURE_DISABLE_CSRF
Ed Tanous0cd5f782022-04-26 16:09:09 -0700410option(
411 'insecure-disable-csrf',
412 type: 'feature',
413 value: 'disabled',
414 description: '''Disable CSRF prevention checks.Should be set to false for
Ed Tanous50b37022024-06-25 13:00:04 -0700415 production systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700416)
417
Ed Tanousc5bcf352024-09-25 16:41:10 -0700418# BMCWEB_INSECURE_DISABLE_SSL
Ed Tanous0cd5f782022-04-26 16:09:09 -0700419option(
420 'insecure-disable-ssl',
421 type: 'feature',
422 value: 'disabled',
423 description: '''Disable SSL ports. Should be set to false for production
Ed Tanous50b37022024-06-25 13:00:04 -0700424 systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700425)
426
Ed Tanousc5bcf352024-09-25 16:41:10 -0700427# BMCWEB_INSECURE_DISABLE_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700428option(
429 'insecure-disable-auth',
430 type: 'feature',
431 value: 'disabled',
Nan Zhoua43ea822022-05-27 00:42:44 +0000432 description: '''Disable authentication and authoriztion on all ports.
Ed Tanous50b37022024-06-25 13:00:04 -0700433 Should be set to false for production systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700434)
435
Ed Tanousc5bcf352024-09-25 16:41:10 -0700436# BMCWEB_INSECURE_IGNORE_CONTENT_TYPE
Ed Tanous0cd5f782022-04-26 16:09:09 -0700437option(
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100438 'insecure-ignore-content-type',
439 type: 'feature',
Ed Tanousdb398022023-06-07 16:38:08 -0700440 value: 'disabled',
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100441 description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
442 of the presence of the content-type header. Enabling this
443 conflicts with the input parsing guidelines, but may be
444 required to support old clients that may not set the
Ed Tanous50b37022024-06-25 13:00:04 -0700445 Content-Type header on payloads.''',
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100446)
447
Ed Tanousc5bcf352024-09-25 16:41:10 -0700448# BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100449option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700450 'insecure-push-style-notification',
451 type: 'feature',
452 value: 'disabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700453 description: 'Enable HTTP push style eventing feature',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700454)
455
Ed Tanousc5bcf352024-09-25 16:41:10 -0700456# BMCWEB_INSECURE_ENABLE_REDFISH_QUERY
Ed Tanous0cd5f782022-04-26 16:09:09 -0700457option(
458 'insecure-enable-redfish-query',
459 type: 'feature',
460 value: 'disabled',
461 description: '''Enables Redfish expand query parameter. This feature is
462 experimental, and has not been tested against the full
463 limits of user-facing behavior. It is not recommended to
464 enable on production systems at this time. Other query
Ed Tanous50b37022024-06-25 13:00:04 -0700465 parameters such as only are not controlled by this option.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700466)