Blame - meson_options.txt - openbmc/bmcweb

blob: e731ab344aaa83e78128156908c8a5db04c04aeb [file] [log] [blame]

Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	1	option(
				2	'yocto-deps',
				3	type: 'feature',
				4	value: 'disabled',
				5	description: 'Use YOCTO dependencies system'
				6	)
				7
				8	option(
				9	'kvm',
				10	type: 'feature',
				11	value: 'enabled',
				12	description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
				13	Video is from the BMCs /dev/videodevice.'''
				14	)
				15
				16	option(
				17	'tests',
				18	type: 'feature',
				19	value: 'enabled',
				20	description: 'Enable Unit tests for bmcweb'
				21	)
				22
				23	option(
				24	'vm-websocket',
				25	type: 'feature',
				26	value: 'enabled',
				27	description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 to
				28	open the websocket. See
				29	https://github.com/openbmc/jsnbd/blob/master/README.'''
				30	)
Ed Tanous	efb8062	2021-02-20 11:04:01 -0800	[diff] [blame]	31
				32	# if you use this option and are seeing this comment, please comment here:
				33	# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
				34	# for this code. At this point, no daemon has been upstreamed that implements
				35	# this interface, so for the moment this appears to be dead code; In leiu of
				36	# removing it, it has been disabled to try to give those that use it the
				37	# opportunity to upstream their backend implementation
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	38	#option(
				39	# 'vm-nbdproxy',
				40	# type: 'feature', value: 'disabled',
				41	# description: 'Enable the Virtual Media WebSocket.'
				42	#)
				43
				44	option(
				45	'rest',
				46	type: 'feature',
				47	value: 'disabled',
				48	description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
				49	Phosphor D-Bus object paths, for example,
				50	/xyz/openbmc_project/logging/entry/enumerate. See
				51	https://github.com/openbmc/docs/blob/master/rest-api.md.'''
				52	)
				53
				54	option(
				55	'redfish',
				56	type: 'feature',
				57	value: 'enabled',
				58	description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
				59	https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.'''
				60	)
				61
				62	option(
				63	'host-serial-socket',
				64	type: 'feature',
				65	value: 'enabled',
				66	description: '''Enable host serial console WebSocket. Path is /console0.
				67	See https://github.com/openbmc/docs/blob/master/console.md.'''
				68	)
				69
				70	option(
				71	'static-hosting',
				72	type: 'feature',
				73	value: 'enabled',
				74	description: '''Enable serving files from the /usr/share/www directory
				75	as paths under /.'''
				76	)
				77
				78	option(
				79	'redfish-bmc-journal',
				80	type: 'feature',
				81	value: 'disabled',
				82	description: '''Enable BMC journal access through Redfish. Paths are under
				83	/redfish/v1/Managers/bmc/LogServices/Journal.'''
				84	)
				85
				86	option(
				87	'redfish-cpu-log',
				88	type: 'feature',
				89	value: 'disabled',
				90	description: '''Enable CPU log service transactions through Redfish. Paths
				91	are under /redfish/v1/Systems/system/LogServices/Crashdump'.'''
				92	)
				93
				94	option(
				95	'redfish-dump-log',
				96	type: 'feature',
				97	value: 'disabled',
				98	description: '''Enable Dump log service transactions through Redfish. Paths
				99	are under /redfish/v1/Systems/system/LogServices/Dump
				100	and /redfish/v1/Managers/bmc/LogServices/Dump'''
				101	)
				102
				103	option(
				104	'redfish-dbus-log',
				105	type: 'feature',
				106	value: 'disabled',
				107	description: '''Enable DBUS log service transactions through Redfish. Paths
				108	are under
				109	/redfish/v1/Systems/system/LogServices/EventLog/Entries'''
				110	)
				111
				112	option(
				113	'redfish-host-logger',
				114	type: 'feature',
				115	value: 'enabled',
				116	description: '''Enable host log service transactions based on
				117	phosphor-hostlogger through Redfish. Paths are under
				118	/redfish/v1/Systems/system/LogServices/HostLogger'''
				119	)
				120
				121	option(
				122	'redfish-provisioning-feature',
				123	type: 'feature',
				124	value: 'disabled',
				125	description: '''Enable provisioning feature support in redfish. Paths are
				126	under /redfish/v1/Systems/system/'''
				127	)
				128
				129	option(
				130	'bmcweb-logging',
				131	type: 'feature',
				132	value: 'disabled',
				133	description: 'Enable output the extended debug logs'
				134	)
				135
				136	option(
				137	'basic-auth',
				138	type: 'feature',
				139	value: 'enabled',
				140	description: 'Enable basic authentication'
				141	)
				142
				143	option(
				144	'session-auth',
				145	type: 'feature',
				146	value: 'enabled',
				147	description: 'Enable session authentication'
				148	)
				149
				150	option(
				151	'xtoken-auth',
				152	type: 'feature',
				153	value: 'enabled',
				154	description: 'Enable xtoken authentication'
				155	)
				156
				157	option(
				158	'cookie-auth',
				159	type: 'feature',
				160	value: 'enabled',
				161	description: 'Enable cookie authentication'
				162	)
				163
				164	option(
				165	'mutual-tls-auth',
				166	type: 'feature',
				167	value: 'enabled',
				168	description: '''Enables authenticating users through TLS client
				169	certificates. The insecure-disable-ssl must be disabled for
				170	this option to take effect.'''
				171	)
				172
				173	option(
				174	'ibm-management-console',
				175	type: 'feature',
				176	value: 'disabled',
				177	description: '''Enable the IBM management console specific functionality.
				178	Paths are under /ibm/v1/'''
				179	)
				180
				181	option(
				182	'google-api',
				183	type: 'feature',
				184	value: 'disabled',
				185	description: '''Enable the Google specific functionality. Paths are under
				186	/google/v1/'''
				187	)
				188
				189	option(
				190	'http-body-limit',
				191	type: 'integer',
				192	min: 0,
				193	max: 512,
				194	value: 30,
				195	description: 'Specifies the http request body length limit'
				196	)
				197
				198	option(
				199	'redfish-new-powersubsystem-thermalsubsystem',
				200	type: 'feature',
				201	value: 'disabled',
				202	description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
				203	and all children schemas. This includes displaying all
				204	sensors in the SensorCollection. At a later date, this
				205	feature will be defaulted to enabled.'''
				206	)
				207
				208	option(
				209	'redfish-allow-deprecated-power-thermal',
				210	type: 'feature',
				211	value: 'enabled',
				212	description: '''Enable/disable the old Power / Thermal. The default
				213	condition is allowing the old Power / Thermal.'''
				214	)
				215
				216	option(
Ed Tanous	4dc23f3	2022-05-11 11:32:19 -0700	[diff] [blame]	217	'redfish-post-to-old-updateservice',
				218	type: 'feature',
				219	value: 'enabled',
				220	description: '''Allows POST to /redfish/v1/UpdateService, counter to
				221	the redfish specification. Option provided to allow
				222	potential users to move away from using this endpoint.
				223	Option will be removed Q4 2022.'''
				224	)
				225
Ed Tanous	4dc23f3	2022-05-11 11:32:19 -0700	[diff] [blame]	226	option(
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	227	'https_port',
				228	type: 'integer',
				229	min: 1,
				230	max: 65535,
				231	value: 443,
				232	description: 'HTTPS Port number.'
				233	)
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	234
Carson Labrado	7fb3356	2022-04-18 23:26:56 +0000	[diff] [blame]	235	option(
				236	'redfish-aggregation',
				237	type: 'feature',
				238	value: 'disabled',
				239	description: 'Allows this BMC to aggregate resources from satellite BMCs'
				240	)
				241
Manojkiran Eda	af6298d	2020-05-27 08:51:32 +0530	[diff] [blame]	242	# Insecure options. Every option that starts with a `insecure` flag should
				243	# not be enabled by default for any platform, unless the author fully comprehends
				244	# the implications of doing so.In general, enabling these options will cause security
				245	# problems of varying degrees
				246
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	247	option(
				248	'insecure-disable-csrf',
				249	type: 'feature',
				250	value: 'disabled',
				251	description: '''Disable CSRF prevention checks.Should be set to false for
				252	production systems.'''
				253	)
				254
				255	option(
				256	'insecure-disable-ssl',
				257	type: 'feature',
				258	value: 'disabled',
				259	description: '''Disable SSL ports. Should be set to false for production
				260	systems.'''
				261	)
				262
				263	option(
				264	'insecure-disable-auth',
				265	type: 'feature',
				266	value: 'disabled',
Nan Zhou	a43ea82	2022-05-27 00:42:44 +0000	[diff] [blame^]	267	description: '''Disable authentication and authoriztion on all ports.
				268	Should be set to false for production systems.'''
Ed Tanous	0cd5f78	2022-04-26 16:09:09 -0700	[diff] [blame]	269	)
				270
				271	option(
				272	'insecure-disable-xss',
				273	type: 'feature',
				274	value: 'disabled',
				275	description: 'Disable XSS preventions'
				276	)
				277
				278	option(
				279	'insecure-tftp-update',
				280	type: 'feature',
				281	value: 'disabled',
				282	description: '''Enable TFTP based firmware update transactions through
				283	Redfish UpdateService. SimpleUpdate.'''
				284	)
				285
				286	option(
				287	'insecure-push-style-notification',
				288	type: 'feature',
				289	value: 'disabled',
				290	description: 'Enable HTTP push style eventing feature'
				291	)
				292
				293	option(
				294	'insecure-enable-redfish-query',
				295	type: 'feature',
				296	value: 'disabled',
				297	description: '''Enables Redfish expand query parameter. This feature is
				298	experimental, and has not been tested against the full
				299	limits of user-facing behavior. It is not recommended to
				300	enable on production systems at this time. Other query
				301	parameters such as only are not controlled by this option.'''
				302	)