Blame - meson_options.txt - openbmc/bmcweb

blob: 584ca7024c5a76efe5476ccaead43a2db89e52e3 [file] [log] [blame]

Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	1	option(
				2	'yocto-deps',
				3	type: 'feature',
				4	value: 'disabled',
				5	description: 'Use YOCTO dependencies system'
				6	)
				7
				8	option(
				9	'kvm',
				10	type: 'feature',
				11	value: 'enabled',
				12	description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
				13	Video is from the BMCs /dev/videodevice.'''
				14	)
				15
				16	option(
				17	'tests',
				18	type: 'feature',
				19	value: 'enabled',
				20	description: 'Enable Unit tests for bmcweb'
				21	)
				22
				23	option(
				24	'vm-websocket',
				25	type: 'feature',
				26	value: 'enabled',
				27	description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 to
				28	open the websocket. See
				29	https://github.com/openbmc/jsnbd/blob/master/README.'''
				30	)
Ed Tanous	efb8062	2021-02-20 11:04:01 -0800	[diff] [blame]	31
				32	# if you use this option and are seeing this comment, please comment here:
				33	# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
				34	# for this code. At this point, no daemon has been upstreamed that implements
				35	# this interface, so for the moment this appears to be dead code; In leiu of
				36	# removing it, it has been disabled to try to give those that use it the
				37	# opportunity to upstream their backend implementation
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	38	#option(
				39	# 'vm-nbdproxy',
				40	# type: 'feature', value: 'disabled',
				41	# description: 'Enable the Virtual Media WebSocket.'
				42	#)
				43
				44	option(
				45	'rest',
				46	type: 'feature',
				47	value: 'disabled',
				48	description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
				49	Phosphor D-Bus object paths, for example,
				50	/xyz/openbmc_project/logging/entry/enumerate. See
				51	https://github.com/openbmc/docs/blob/master/rest-api.md.'''
				52	)
				53
				54	option(
				55	'redfish',
				56	type: 'feature',
				57	value: 'enabled',
				58	description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
				59	https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.'''
				60	)
				61
				62	option(
				63	'host-serial-socket',
				64	type: 'feature',
				65	value: 'enabled',
				66	description: '''Enable host serial console WebSocket. Path is /console0.
				67	See https://github.com/openbmc/docs/blob/master/console.md.'''
				68	)
				69
				70	option(
				71	'static-hosting',
				72	type: 'feature',
				73	value: 'enabled',
				74	description: '''Enable serving files from the /usr/share/www directory
				75	as paths under /.'''
				76	)
				77
				78	option(
				79	'redfish-bmc-journal',
				80	type: 'feature',
Willy Tu	f848367	2022-05-10 15:08:10 -0700	[diff] [blame]	81	value: 'enabled',
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	82	description: '''Enable BMC journal access through Redfish. Paths are under
				83	/redfish/v1/Managers/bmc/LogServices/Journal.'''
				84	)
				85
				86	option(
				87	'redfish-cpu-log',
				88	type: 'feature',
				89	value: 'disabled',
				90	description: '''Enable CPU log service transactions through Redfish. Paths
				91	are under /redfish/v1/Systems/system/LogServices/Crashdump'.'''
				92	)
				93
				94	option(
				95	'redfish-dump-log',
				96	type: 'feature',
				97	value: 'disabled',
				98	description: '''Enable Dump log service transactions through Redfish. Paths
				99	are under /redfish/v1/Systems/system/LogServices/Dump
				100	and /redfish/v1/Managers/bmc/LogServices/Dump'''
				101	)
				102
				103	option(
				104	'redfish-dbus-log',
				105	type: 'feature',
				106	value: 'disabled',
				107	description: '''Enable DBUS log service transactions through Redfish. Paths
				108	are under
				109	/redfish/v1/Systems/system/LogServices/EventLog/Entries'''
				110	)
				111
				112	option(
				113	'redfish-host-logger',
				114	type: 'feature',
				115	value: 'enabled',
				116	description: '''Enable host log service transactions based on
				117	phosphor-hostlogger through Redfish. Paths are under
				118	/redfish/v1/Systems/system/LogServices/HostLogger'''
				119	)
				120
				121	option(
Ninad Palsule	5fd0aaf	2023-04-20 15:11:21 -0500	[diff] [blame]	122	'redfish-enable-proccessor-memory-status',
				123	type: 'feature',
				124	value: 'disabled',
				125	description: '''Enable/disable the deprecated processor and memory summary
				126	status. The default condition is disabling the processor
				127	and memory summary status. This option will be removed in
				128	1Q 2024.'''
				129	)
				130
				131	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	132	'redfish-provisioning-feature',
				133	type: 'feature',
				134	value: 'disabled',
				135	description: '''Enable provisioning feature support in redfish. Paths are
				136	under /redfish/v1/Systems/system/'''
				137	)
				138
				139	option(
				140	'bmcweb-logging',
Myung Bae	662aa6e	2023-01-10 14:20:28 -0600	[diff] [blame]	141	type: 'combo',
				142	choices : [ 'disabled', 'enabled', 'debug', 'info', 'warning', 'error', 'critical' ],
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	143	value: 'disabled',
Myung Bae	662aa6e	2023-01-10 14:20:28 -0600	[diff] [blame]	144	description: '''Enable output the extended logging level.
				145	- disabled: disable bmcweb log traces.
				146	- enabled: treated as 'debug'
				147	- For the other logging level option, see DEVELOPING.md.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	148	)
				149
				150	option(
				151	'basic-auth',
				152	type: 'feature',
				153	value: 'enabled',
				154	description: 'Enable basic authentication'
				155	)
				156
				157	option(
				158	'session-auth',
				159	type: 'feature',
				160	value: 'enabled',
				161	description: 'Enable session authentication'
				162	)
				163
				164	option(
				165	'xtoken-auth',
				166	type: 'feature',
				167	value: 'enabled',
				168	description: 'Enable xtoken authentication'
				169	)
				170
				171	option(
				172	'cookie-auth',
				173	type: 'feature',
				174	value: 'enabled',
				175	description: 'Enable cookie authentication'
				176	)
				177
				178	option(
				179	'mutual-tls-auth',
				180	type: 'feature',
				181	value: 'enabled',
				182	description: '''Enables authenticating users through TLS client
				183	certificates. The insecure-disable-ssl must be disabled for
				184	this option to take effect.'''
				185	)
				186
				187	option(
Marco Kawajiri	0e373b5	2023-10-31 13:36:58 -0700	[diff] [blame]	188	'mutual-tls-common-name-parsing',
				189	type: 'combo',
				190	choices: ['username', 'meta'],
				191	value: 'username',
				192	description: '''Sets logic to map the Subject Common Name field to a user
				193	in client TLS certificates.
				194	- username: Use the Subject CN field as a BMC username
				195	(default)
				196	- meta: Parses the Subject CN in the format used by
				197	Meta Inc (see mutual_tls_meta.cpp for details)
				198	'''
				199	)
				200
				201	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	202	'ibm-management-console',
				203	type: 'feature',
				204	value: 'disabled',
				205	description: '''Enable the IBM management console specific functionality.
				206	Paths are under /ibm/v1/'''
				207	)
				208
				209	option(
				210	'google-api',
				211	type: 'feature',
				212	value: 'disabled',
				213	description: '''Enable the Google specific functionality. Paths are under
				214	/google/v1/'''
				215	)
				216
				217	option(
				218	'http-body-limit',
				219	type: 'integer',
				220	min: 0,
				221	max: 512,
				222	value: 30,
				223	description: 'Specifies the http request body length limit'
				224	)
				225
				226	option(
				227	'redfish-new-powersubsystem-thermalsubsystem',
				228	type: 'feature',
				229	value: 'disabled',
				230	description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
				231	and all children schemas. This includes displaying all
				232	sensors in the SensorCollection. At a later date, this
				233	feature will be defaulted to enabled.'''
				234	)
				235
				236	option(
				237	'redfish-allow-deprecated-power-thermal',
				238	type: 'feature',
				239	value: 'enabled',
				240	description: '''Enable/disable the old Power / Thermal. The default
				241	condition is allowing the old Power / Thermal.'''
				242	)
				243
				244	option(
Gunnar Mills	54dce7f	2022-08-05 17:01:32 +0000	[diff] [blame]	245	'redfish-oem-manager-fan-data',
				246	type: 'feature',
				247	value: 'enabled',
				248	description: '''Enables Redfish OEM fan data on the manager resource.
				249	This includes PID and Stepwise controller data. See
				250	OemManager schema for more detail.'''
				251	)
				252
				253	option(
Ed Tanous	6f8273e	2023-05-31 12:44:26 -0700	[diff] [blame]	254	'redfish-health-populate',
				255	type: 'feature',
				256	value: 'disabled',
				257	description: '''Enables HealthPopulate and generate the Status property for
				258	the resource. This option will be removed Q1 2024'''
				259	)
				260
				261	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	262	'https_port',
				263	type: 'integer',
				264	min: 1,
				265	max: 65535,
				266	value: 443,
				267	description: 'HTTPS Port number.'
				268	)
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	269
Carson Labrado	7fb3356	2022-04-18 23:26:56 +0000	[diff] [blame]	270	option(
Ed Tanous	f8ca6d7	2022-06-28 12:12:03 -0700	[diff] [blame]	271	'dns-resolver',
				272	type: 'combo',
				273	choices: ['systemd-dbus', 'asio'],
				274	value: 'systemd-dbus',
				275	description: '''Sets which DNS resolver backend should be used.
				276	systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
				277	support. asio relies on boost::asio::tcp::resolver, but cannot resolve
				278	names when boost threading is disabled.'''
				279	)
				280
				281	option(
Carson Labrado	7fb3356	2022-04-18 23:26:56 +0000	[diff] [blame]	282	'redfish-aggregation',
				283	type: 'feature',
				284	value: 'disabled',
				285	description: 'Allows this BMC to aggregate resources from satellite BMCs'
				286	)
				287
Ed Tanous	7f3e84a	2022-12-28 16:22:54 -0800	[diff] [blame]	288	option(
				289	'experimental-redfish-multi-computer-system',
				290	type: 'feature',
				291	value: 'disabled',
				292	description: '''This is a temporary option flag for staging the
				293	ComputerSystemCollection transition to multi-host. It, as well as the code
				294	still beneath it will be removed on 9/1/2023. Do not enable in a
				295	production environment, or where API stability is required.'''
				296	)
				297
Ed Tanous	fca2cbe	2021-01-28 14:49:59 -0800	[diff] [blame]	298	option(
				299	'experimental-http2',
				300	type: 'feature',
				301	value: 'disabled',
				302	description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
				303	on this option for any production systems. It may have
				304	behavior changes or be removed at any time.'''
				305	)
				306
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	307	# Insecure options. Every option that starts with a `insecure` flag should
				308	# not be enabled by default for any platform, unless the author fully comprehends
				309	# the implications of doing so.In general, enabling these options will cause security
				310	# problems of varying degrees
				311
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	312	option(
				313	'insecure-disable-csrf',
				314	type: 'feature',
				315	value: 'disabled',
				316	description: '''Disable CSRF prevention checks.Should be set to false for
				317	production systems.'''
				318	)
				319
				320	option(
				321	'insecure-disable-ssl',
				322	type: 'feature',
				323	value: 'disabled',
				324	description: '''Disable SSL ports. Should be set to false for production
				325	systems.'''
				326	)
				327
				328	option(
				329	'insecure-disable-auth',
				330	type: 'feature',
				331	value: 'disabled',
Nan Zhou	a43ea82	2022-05-27 00:42:44 +0000	[diff] [blame]	332	description: '''Disable authentication and authoriztion on all ports.
				333	Should be set to false for production systems.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	334	)
				335
				336	option(
				337	'insecure-disable-xss',
				338	type: 'feature',
				339	value: 'disabled',
				340	description: 'Disable XSS preventions'
				341	)
				342
				343	option(
				344	'insecure-tftp-update',
				345	type: 'feature',
				346	value: 'disabled',
				347	description: '''Enable TFTP based firmware update transactions through
				348	Redfish UpdateService. SimpleUpdate.'''
				349	)
				350
				351	option(
Ed Tanous	1aa0c2b	2022-02-08 12:24:30 +0100	[diff] [blame]	352	'insecure-ignore-content-type',
				353	type: 'feature',
Ed Tanous	db39802	2023-06-07 16:38:08 -0700	[diff] [blame]	354	value: 'disabled',
Ed Tanous	1aa0c2b	2022-02-08 12:24:30 +0100	[diff] [blame]	355	description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
				356	of the presence of the content-type header. Enabling this
				357	conflicts with the input parsing guidelines, but may be
				358	required to support old clients that may not set the
				359	Content-Type header on payloads.'''
				360	)
				361
				362	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	363	'insecure-push-style-notification',
				364	type: 'feature',
				365	value: 'disabled',
				366	description: 'Enable HTTP push style eventing feature'
				367	)
				368
				369	option(
				370	'insecure-enable-redfish-query',
				371	type: 'feature',
				372	value: 'disabled',
				373	description: '''Enables Redfish expand query parameter. This feature is
				374	experimental, and has not been tested against the full
				375	limits of user-facing behavior. It is not recommended to
				376	enable on production systems at this time. Other query
				377	parameters such as only are not controlled by this option.'''
				378	)