Blame - meson_options.txt - openbmc/bmcweb

blob: f84e59aebc60429ce69f4818fd7ce15274c6b141 [file] [log] [blame]

Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	1	option(
				2	'yocto-deps',
				3	type: 'feature',
				4	value: 'disabled',
				5	description: 'Use YOCTO dependencies system'
				6	)
				7
				8	option(
				9	'kvm',
				10	type: 'feature',
				11	value: 'enabled',
				12	description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
				13	Video is from the BMCs /dev/videodevice.'''
				14	)
				15
				16	option(
				17	'tests',
				18	type: 'feature',
				19	value: 'enabled',
				20	description: 'Enable Unit tests for bmcweb'
				21	)
				22
				23	option(
				24	'vm-websocket',
				25	type: 'feature',
				26	value: 'enabled',
				27	description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 to
				28	open the websocket. See
				29	https://github.com/openbmc/jsnbd/blob/master/README.'''
				30	)
Ed Tanous	efb8062	2021-02-20 11:04:01 -0800	[diff] [blame]	31
				32	# if you use this option and are seeing this comment, please comment here:
				33	# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
				34	# for this code. At this point, no daemon has been upstreamed that implements
				35	# this interface, so for the moment this appears to be dead code; In leiu of
				36	# removing it, it has been disabled to try to give those that use it the
				37	# opportunity to upstream their backend implementation
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	38	#option(
				39	# 'vm-nbdproxy',
				40	# type: 'feature', value: 'disabled',
				41	# description: 'Enable the Virtual Media WebSocket.'
				42	#)
				43
				44	option(
				45	'rest',
				46	type: 'feature',
				47	value: 'disabled',
				48	description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
				49	Phosphor D-Bus object paths, for example,
				50	/xyz/openbmc_project/logging/entry/enumerate. See
				51	https://github.com/openbmc/docs/blob/master/rest-api.md.'''
				52	)
				53
				54	option(
				55	'redfish',
				56	type: 'feature',
				57	value: 'enabled',
				58	description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
				59	https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.'''
				60	)
				61
				62	option(
				63	'host-serial-socket',
				64	type: 'feature',
				65	value: 'enabled',
				66	description: '''Enable host serial console WebSocket. Path is /console0.
				67	See https://github.com/openbmc/docs/blob/master/console.md.'''
				68	)
				69
				70	option(
				71	'static-hosting',
				72	type: 'feature',
				73	value: 'enabled',
				74	description: '''Enable serving files from the /usr/share/www directory
				75	as paths under /.'''
				76	)
				77
				78	option(
				79	'redfish-bmc-journal',
				80	type: 'feature',
Willy Tu	f848367	2022-05-10 15:08:10 -0700	[diff] [blame]	81	value: 'enabled',
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	82	description: '''Enable BMC journal access through Redfish. Paths are under
				83	/redfish/v1/Managers/bmc/LogServices/Journal.'''
				84	)
				85
				86	option(
				87	'redfish-cpu-log',
				88	type: 'feature',
				89	value: 'disabled',
				90	description: '''Enable CPU log service transactions through Redfish. Paths
				91	are under /redfish/v1/Systems/system/LogServices/Crashdump'.'''
				92	)
				93
				94	option(
				95	'redfish-dump-log',
				96	type: 'feature',
				97	value: 'disabled',
				98	description: '''Enable Dump log service transactions through Redfish. Paths
				99	are under /redfish/v1/Systems/system/LogServices/Dump
				100	and /redfish/v1/Managers/bmc/LogServices/Dump'''
				101	)
				102
				103	option(
				104	'redfish-dbus-log',
				105	type: 'feature',
				106	value: 'disabled',
				107	description: '''Enable DBUS log service transactions through Redfish. Paths
				108	are under
				109	/redfish/v1/Systems/system/LogServices/EventLog/Entries'''
				110	)
				111
				112	option(
				113	'redfish-host-logger',
				114	type: 'feature',
				115	value: 'enabled',
				116	description: '''Enable host log service transactions based on
				117	phosphor-hostlogger through Redfish. Paths are under
				118	/redfish/v1/Systems/system/LogServices/HostLogger'''
				119	)
				120
				121	option(
				122	'redfish-provisioning-feature',
				123	type: 'feature',
				124	value: 'disabled',
				125	description: '''Enable provisioning feature support in redfish. Paths are
				126	under /redfish/v1/Systems/system/'''
				127	)
				128
				129	option(
				130	'bmcweb-logging',
Myung Bae	662aa6e	2023-01-10 14:20:28 -0600	[diff] [blame]	131	type: 'combo',
				132	choices : [ 'disabled', 'enabled', 'debug', 'info', 'warning', 'error', 'critical' ],
Ed Tanous	4d1db04	2024-02-16 13:08:34 -0800	[diff] [blame]	133	value: 'error',
Myung Bae	662aa6e	2023-01-10 14:20:28 -0600	[diff] [blame]	134	description: '''Enable output the extended logging level.
				135	- disabled: disable bmcweb log traces.
				136	- enabled: treated as 'debug'
				137	- For the other logging level option, see DEVELOPING.md.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	138	)
				139
				140	option(
				141	'basic-auth',
				142	type: 'feature',
				143	value: 'enabled',
				144	description: 'Enable basic authentication'
				145	)
				146
				147	option(
				148	'session-auth',
				149	type: 'feature',
				150	value: 'enabled',
				151	description: 'Enable session authentication'
				152	)
				153
				154	option(
				155	'xtoken-auth',
				156	type: 'feature',
				157	value: 'enabled',
				158	description: 'Enable xtoken authentication'
				159	)
				160
				161	option(
				162	'cookie-auth',
				163	type: 'feature',
				164	value: 'enabled',
				165	description: 'Enable cookie authentication'
				166	)
				167
				168	option(
				169	'mutual-tls-auth',
				170	type: 'feature',
				171	value: 'enabled',
				172	description: '''Enables authenticating users through TLS client
				173	certificates. The insecure-disable-ssl must be disabled for
				174	this option to take effect.'''
				175	)
				176
				177	option(
Marco Kawajiri	0e373b5	2023-10-31 13:36:58 -0700	[diff] [blame]	178	'mutual-tls-common-name-parsing',
				179	type: 'combo',
				180	choices: ['username', 'meta'],
				181	value: 'username',
				182	description: '''Sets logic to map the Subject Common Name field to a user
				183	in client TLS certificates.
				184	- username: Use the Subject CN field as a BMC username
				185	(default)
				186	- meta: Parses the Subject CN in the format used by
				187	Meta Inc (see mutual_tls_meta.cpp for details)
				188	'''
				189	)
				190
				191	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	192	'ibm-management-console',
				193	type: 'feature',
				194	value: 'disabled',
				195	description: '''Enable the IBM management console specific functionality.
				196	Paths are under /ibm/v1/'''
				197	)
				198
				199	option(
				200	'google-api',
				201	type: 'feature',
				202	value: 'disabled',
				203	description: '''Enable the Google specific functionality. Paths are under
				204	/google/v1/'''
				205	)
				206
				207	option(
				208	'http-body-limit',
				209	type: 'integer',
				210	min: 0,
				211	max: 512,
				212	value: 30,
				213	description: 'Specifies the http request body length limit'
				214	)
				215
				216	option(
				217	'redfish-new-powersubsystem-thermalsubsystem',
				218	type: 'feature',
Gunnar Mills	8615915	2024-02-06 14:54:39 -0600	[diff] [blame]	219	value: 'enabled',
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	220	description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
				221	and all children schemas. This includes displaying all
Gunnar Mills	8615915	2024-02-06 14:54:39 -0600	[diff] [blame]	222	sensors in the SensorCollection.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	223	)
				224
				225	option(
				226	'redfish-allow-deprecated-power-thermal',
				227	type: 'feature',
				228	value: 'enabled',
				229	description: '''Enable/disable the old Power / Thermal. The default
Gunnar Mills	8615915	2024-02-06 14:54:39 -0600	[diff] [blame]	230	condition is allowing the old Power / Thermal. This
				231	will be disabled by default June 2024. '''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	232	)
				233
				234	option(
Gunnar Mills	54dce7f	2022-08-05 17:01:32 +0000	[diff] [blame]	235	'redfish-oem-manager-fan-data',
				236	type: 'feature',
				237	value: 'enabled',
				238	description: '''Enables Redfish OEM fan data on the manager resource.
				239	This includes PID and Stepwise controller data. See
				240	OemManager schema for more detail.'''
				241	)
				242
				243	option(
Ed Tanous	6f8273e	2023-05-31 12:44:26 -0700	[diff] [blame]	244	'redfish-health-populate',
				245	type: 'feature',
				246	value: 'disabled',
				247	description: '''Enables HealthPopulate and generate the Status property for
				248	the resource. This option will be removed Q1 2024'''
				249	)
				250
				251	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	252	'https_port',
				253	type: 'integer',
				254	min: 1,
				255	max: 65535,
				256	value: 443,
				257	description: 'HTTPS Port number.'
				258	)
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	259
Carson Labrado	7fb3356	2022-04-18 23:26:56 +0000	[diff] [blame]	260	option(
Ed Tanous	f8ca6d7	2022-06-28 12:12:03 -0700	[diff] [blame]	261	'dns-resolver',
				262	type: 'combo',
				263	choices: ['systemd-dbus', 'asio'],
				264	value: 'systemd-dbus',
				265	description: '''Sets which DNS resolver backend should be used.
				266	systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
				267	support. asio relies on boost::asio::tcp::resolver, but cannot resolve
				268	names when boost threading is disabled.'''
				269	)
				270
				271	option(
Carson Labrado	7fb3356	2022-04-18 23:26:56 +0000	[diff] [blame]	272	'redfish-aggregation',
				273	type: 'feature',
				274	value: 'disabled',
				275	description: 'Allows this BMC to aggregate resources from satellite BMCs'
				276	)
				277
Ed Tanous	7f3e84a	2022-12-28 16:22:54 -0800	[diff] [blame]	278	option(
				279	'experimental-redfish-multi-computer-system',
				280	type: 'feature',
				281	value: 'disabled',
				282	description: '''This is a temporary option flag for staging the
				283	ComputerSystemCollection transition to multi-host. It, as well as the code
Patrick Williams	17505c6	2024-02-20 07:09:17 -0600	[diff] [blame]	284	still beneath it will be removed on 9/1/2024. Do not enable in a
Ed Tanous	7f3e84a	2022-12-28 16:22:54 -0800	[diff] [blame]	285	production environment, or where API stability is required.'''
				286	)
				287
Ed Tanous	fca2cbe	2021-01-28 14:49:59 -0800	[diff] [blame]	288	option(
				289	'experimental-http2',
				290	type: 'feature',
				291	value: 'disabled',
				292	description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
				293	on this option for any production systems. It may have
				294	behavior changes or be removed at any time.'''
				295	)
				296
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	297	# Insecure options. Every option that starts with a `insecure` flag should
				298	# not be enabled by default for any platform, unless the author fully comprehends
				299	# the implications of doing so.In general, enabling these options will cause security
				300	# problems of varying degrees
				301
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	302	option(
				303	'insecure-disable-csrf',
				304	type: 'feature',
				305	value: 'disabled',
				306	description: '''Disable CSRF prevention checks.Should be set to false for
				307	production systems.'''
				308	)
				309
				310	option(
				311	'insecure-disable-ssl',
				312	type: 'feature',
				313	value: 'disabled',
				314	description: '''Disable SSL ports. Should be set to false for production
				315	systems.'''
				316	)
				317
				318	option(
				319	'insecure-disable-auth',
				320	type: 'feature',
				321	value: 'disabled',
Nan Zhou	a43ea82	2022-05-27 00:42:44 +0000	[diff] [blame]	322	description: '''Disable authentication and authoriztion on all ports.
				323	Should be set to false for production systems.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	324	)
				325
				326	option(
				327	'insecure-disable-xss',
				328	type: 'feature',
				329	value: 'disabled',
				330	description: 'Disable XSS preventions'
				331	)
				332
				333	option(
				334	'insecure-tftp-update',
				335	type: 'feature',
				336	value: 'disabled',
				337	description: '''Enable TFTP based firmware update transactions through
				338	Redfish UpdateService. SimpleUpdate.'''
				339	)
				340
				341	option(
Ed Tanous	1aa0c2b	2022-02-08 12:24:30 +0100	[diff] [blame]	342	'insecure-ignore-content-type',
				343	type: 'feature',
Ed Tanous	db39802	2023-06-07 16:38:08 -0700	[diff] [blame]	344	value: 'disabled',
Ed Tanous	1aa0c2b	2022-02-08 12:24:30 +0100	[diff] [blame]	345	description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
				346	of the presence of the content-type header. Enabling this
				347	conflicts with the input parsing guidelines, but may be
				348	required to support old clients that may not set the
				349	Content-Type header on payloads.'''
				350	)
				351
				352	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	353	'insecure-push-style-notification',
				354	type: 'feature',
				355	value: 'disabled',
				356	description: 'Enable HTTP push style eventing feature'
				357	)
				358
				359	option(
				360	'insecure-enable-redfish-query',
				361	type: 'feature',
				362	value: 'disabled',
				363	description: '''Enables Redfish expand query parameter. This feature is
				364	experimental, and has not been tested against the full
				365	limits of user-facing behavior. It is not recommended to
				366	enable on production systems at this time. Other query
				367	parameters such as only are not controlled by this option.'''
				368	)