Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / a49436930f9295bb74908dbd002409ee96325ea6 / . / meson.options
blob: 77aa237132e32556678a11698f4d9e8e01eed1a8 [file] [log] [blame]
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]1# BMCWEB_KVM
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]2option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]3 'kvm',
4 type: 'feature',
5 value: 'enabled',
6 description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]7 Video is from the BMCs /dev/videodevice.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]8)
9
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]10# BMCWEB_TESTS
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]11option(
12 'tests',
13 type: 'feature',
14 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]15 description: 'Enable Unit tests for bmcweb',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]16)
17
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]18# BMCWEB_VM_WEBSOCKET
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]19option(
20 'vm-websocket',
21 type: 'feature',
22 value: 'enabled',
Ed Tanous36c0f2a2024-02-09 13:50:26 -0800[diff] [blame]23 description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]24 open the websocket. See
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]25 https://github.com/openbmc/jsnbd/blob/master/README.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]26)
Ed Tanousefb80622021-02-20 11:04:01 -0800[diff] [blame]27
Ed Tanous56b81992024-12-02 10:36:37 -0800[diff] [blame]28option(
29 'redfish-use-3-digit-messageid',
30 type: 'feature',
31 value: 'disabled',
32 description: '''Prior to a bug fix, bmcweb exposed error messages with a
33 MessageId of Base.x.y.z.Message which was incorrect.
34 Enabling this option causes return codes to return the old
35 incorrect version for backward compatibility. Will be
Ed Tanous04adfbc2024-12-27 10:55:20 -0800[diff] [blame]36 removed Q2-2025''',
Ed Tanous56b81992024-12-02 10:36:37 -0800[diff] [blame]37)
38
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]39# BMCWEB_NBDPROXY
Ed Tanousefb80622021-02-20 11:04:01 -0800[diff] [blame]40# if you use this option and are seeing this comment, please comment here:
41# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
42# for this code. At this point, no daemon has been upstreamed that implements
43# this interface, so for the moment this appears to be dead code; In leiu of
44# removing it, it has been disabled to try to give those that use it the
45# opportunity to upstream their backend implementation
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]46#option(
47# 'vm-nbdproxy',
Ed Tanous36c0f2a2024-02-09 13:50:26 -0800[diff] [blame]48# type: 'feature',
49# value: 'disabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]50# description: 'Enable the Virtual Media WebSocket.'
51#)
52
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]53# BMCWEB_REST
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]54option(
55 'rest',
56 type: 'feature',
57 value: 'disabled',
58 description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
59 Phosphor D-Bus object paths, for example,
60 /xyz/openbmc_project/logging/entry/enumerate. See
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]61 https://github.com/openbmc/docs/blob/master/rest-api.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]62)
63
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]64# BMCWEB_REDFISH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]65option(
66 'redfish',
67 type: 'feature',
68 value: 'enabled',
69 description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]70 https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]71)
72
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]73# BMCWEB_HOST_SERIAL_SOCKET
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]74option(
75 'host-serial-socket',
76 type: 'feature',
77 value: 'enabled',
78 description: '''Enable host serial console WebSocket. Path is /console0.
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]79 See https://github.com/openbmc/docs/blob/master/console.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]80)
81
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]82# BMCWEB_STATIC_HOSTING
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]83option(
84 'static-hosting',
85 type: 'feature',
86 value: 'enabled',
87 description: '''Enable serving files from the /usr/share/www directory
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]88 as paths under /.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]89)
90
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]91# BMCWEB_REDFISH_BMC_JOURNAL
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]92option(
93 'redfish-bmc-journal',
94 type: 'feature',
Willy Tuf8483672022-05-10 15:08:10 -0700[diff] [blame]95 value: 'enabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]96 description: '''Enable BMC journal access through Redfish. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]97 /redfish/v1/Managers/bmc/LogServices/Journal.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]98)
99
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]100# BMCWEB_REDFISH_CPU_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]101option(
102 'redfish-cpu-log',
103 type: 'feature',
104 value: 'disabled',
105 description: '''Enable CPU log service transactions through Redfish. Paths
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]106 are under /redfish/v1/Systems/system/LogServices/Crashdump'.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]107)
108
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]109# BMCWEB_REDFISH_DUMP_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]110option(
111 'redfish-dump-log',
112 type: 'feature',
113 value: 'disabled',
114 description: '''Enable Dump log service transactions through Redfish. Paths
115 are under /redfish/v1/Systems/system/LogServices/Dump
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]116 and /redfish/v1/Managers/bmc/LogServices/Dump''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]117)
118
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]119# BMCWEB_REDFISH_DBUS_LOG
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]120option(
121 'redfish-dbus-log',
122 type: 'feature',
123 value: 'disabled',
124 description: '''Enable DBUS log service transactions through Redfish. Paths
125 are under
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]126 /redfish/v1/Systems/system/LogServices/EventLog/Entries''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]127)
128
Alexander Hansen6c58a032024-11-21 15:27:04 -0800[diff] [blame]129# BMCWEB_EXPERIMENTAL_REDFISH_DBUS_LOG_SUBSCRIPTION
130option(
131 'experimental-redfish-dbus-log-subscription',
132 type: 'feature',
133 value: 'disabled',
134 description: '''
135 Allows EventService subscriptions when the redfish-dbus-log option is
136 enabled.
137 This option is currently non-functional, given Redfish requirements for
138 MessageId support in Events.
139 Option will be removed begining of Q2-2025.
140 Should not be enabled on any production systems.
141 ''',
142)
143
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]144# BMCWEB_REDFISH_HOST_LOGGER
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]145option(
146 'redfish-host-logger',
147 type: 'feature',
148 value: 'enabled',
149 description: '''Enable host log service transactions based on
150 phosphor-hostlogger through Redfish. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]151 /redfish/v1/Systems/system/LogServices/HostLogger''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]152)
153
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]154# BMCWEB_REDFISH_PROVISIONING_FEATURE
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]155option(
156 'redfish-provisioning-feature',
157 type: 'feature',
158 value: 'disabled',
159 description: '''Enable provisioning feature support in redfish. Paths are
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]160 under /redfish/v1/Systems/system/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]161)
162
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]163# BMCWEB_REDFISH_MANAGER_URI_NAME
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]164option(
Ed Tanous253f11b2024-05-16 09:38:31 -0700[diff] [blame]165 'redfish-manager-uri-name',
166 type: 'string',
167 value: 'bmc',
168 description: '''The static Redfish Manager ID representing the BMC
169 instance. This option will appear in the Redfish tree at
170 /redfish/v1/Managers/<redfish-manager-uri-name>.
171 Defaults to \'bmc\' which resolves to
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]172 /redfish/v1/Managers/bmc''',
Ed Tanous253f11b2024-05-16 09:38:31 -0700[diff] [blame]173)
174
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]175# BMCWEB_REDFISH_SYSTEM_URI_NAME
Ed Tanous253f11b2024-05-16 09:38:31 -0700[diff] [blame]176option(
177 'redfish-system-uri-name',
178 type: 'string',
179 value: 'system',
180 description: '''The static Redfish System ID representing the host
181 instance. This option will appear in the Redfish tree at
182 /redfish/v1/Systems/<redfish-system-uri-name>.
183 Defaults to \'system\' which resolves to
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]184 /redfish/v1/Systems/system''',
Ed Tanous253f11b2024-05-16 09:38:31 -0700[diff] [blame]185)
186
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]187# BMCWEB_LOGGING_LEVEL
Ed Tanous253f11b2024-05-16 09:38:31 -0700[diff] [blame]188option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]189 'bmcweb-logging',
Myung Bae662aa6e2023-01-10 14:20:28 -0600[diff] [blame]190 type: 'combo',
Ed Tanous92e26be2024-08-21 13:39:14 -0700[diff] [blame]191 choices: [
192 'disabled',
193 'enabled',
194 'debug',
195 'info',
196 'warning',
197 'error',
198 'critical',
199 ],
Ed Tanous4d1db042024-02-16 13:08:34 -0800[diff] [blame]200 value: 'error',
Myung Bae662aa6e2023-01-10 14:20:28 -0600[diff] [blame]201 description: '''Enable output the extended logging level.
202 - disabled: disable bmcweb log traces.
203 - enabled: treated as 'debug'
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]204 - For the other logging level option, see DEVELOPING.md.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]205)
206
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]207# BMCWEB_BASIC_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]208option(
209 'basic-auth',
210 type: 'feature',
211 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]212 description: 'Enable basic authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]213)
214
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]215# BMCWEB_SESSION_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]216option(
217 'session-auth',
218 type: 'feature',
219 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]220 description: 'Enable session authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]221)
222
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]223# BMCWEB_XTOKEN_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]224option(
225 'xtoken-auth',
226 type: 'feature',
227 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]228 description: 'Enable xtoken authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]229)
230
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]231# BMCWEB_COOKIE_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]232option(
233 'cookie-auth',
234 type: 'feature',
235 value: 'enabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]236 description: 'Enable cookie authentication',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]237)
238
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]239# BMCWEB_MUTUAL_TLS_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]240option(
241 'mutual-tls-auth',
242 type: 'feature',
243 value: 'enabled',
244 description: '''Enables authenticating users through TLS client
245 certificates. The insecure-disable-ssl must be disabled for
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]246 this option to take effect.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]247)
248
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]249# BMCWEB_MUTUAL_TLS_COMMON_NAME_PARSING_DEFAULT
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]250option(
Ed Tanous3ce36882024-06-09 10:58:16 -0700[diff] [blame]251 'mutual-tls-common-name-parsing-default',
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700[diff] [blame]252 type: 'combo',
Malik Akbar Hashemi Rafsanjania4943692025-05-27 13:23:44 -0700[diff] [blame^]253 choices: ['CommonName', 'Whole', 'UserPrincipalName'],
254 description: '''Default MTLS parse mode to get username from the
255 client's x509 certificate''',
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700[diff] [blame]256)
257
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]258# BMCWEB_META_TLS_COMMON_NAME_PARSING
Marco Kawajiri0e373b52023-10-31 13:36:58 -0700[diff] [blame]259option(
Ed Tanous3ce36882024-06-09 10:58:16 -0700[diff] [blame]260 'meta-tls-common-name-parsing',
261 type: 'feature',
262 description: '''
263 Allows parsing the Subject CN TLS certificate in the format used by
264 Meta Inc (see mutual_tls_meta.cpp for details)
265 ''',
266)
267
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]268# BMCWEB_IBM_MANAGEMENT_CONSOLE
Ed Tanous3ce36882024-06-09 10:58:16 -0700[diff] [blame]269option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]270 'ibm-management-console',
271 type: 'feature',
272 value: 'disabled',
273 description: '''Enable the IBM management console specific functionality.
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]274 Paths are under /ibm/v1/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]275)
276
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]277# BMCWEB_GOOGLE_API
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]278option(
279 'google-api',
280 type: 'feature',
281 value: 'disabled',
282 description: '''Enable the Google specific functionality. Paths are under
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]283 /google/v1/''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]284)
285
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]286# BMCWEB_HTTP_BODY_LIMIT
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]287option(
288 'http-body-limit',
289 type: 'integer',
290 min: 0,
291 max: 512,
292 value: 30,
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]293 description: 'Specifies the http request body length limit',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]294)
295
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]296# BMCWEB_REDFISH_NEW_POWERSUBSYSTEM_THERMALSUBSYSTEM
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]297option(
298 'redfish-new-powersubsystem-thermalsubsystem',
299 type: 'feature',
Gunnar Mills86159152024-02-06 14:54:39 -0600[diff] [blame]300 value: 'enabled',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]301 description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
302 and all children schemas. This includes displaying all
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]303 sensors in the SensorCollection.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]304)
305
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]306# BMCWEB_REDFISH_ALLOW_DEPRECATED_POWER_THERMAL
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]307option(
308 'redfish-allow-deprecated-power-thermal',
309 type: 'feature',
310 value: 'enabled',
311 description: '''Enable/disable the old Power / Thermal. The default
Gunnar Mills86159152024-02-06 14:54:39 -0600[diff] [blame]312 condition is allowing the old Power / Thermal. This
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]313 will be disabled by default June 2024. ''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]314)
315
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]316# BMCWEB_REDFISH_OEM_MANAGER_FAN_DATA
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]317option(
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000[diff] [blame]318 'redfish-oem-manager-fan-data',
319 type: 'feature',
320 value: 'enabled',
321 description: '''Enables Redfish OEM fan data on the manager resource.
322 This includes PID and Stepwise controller data. See
Myung Bae1d19d872024-09-10 09:42:32 -0400[diff] [blame]323 OpenBMCManager schema for more detail.''',
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000[diff] [blame]324)
325
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]326# BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS
Gunnar Mills54dce7f2022-08-05 17:01:32 +0000[diff] [blame]327option(
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700[diff] [blame]328 'redfish-updateservice-use-dbus',
329 type: 'feature',
Jagpal Singh Gill64fa9162024-11-12 16:16:47 -0800[diff] [blame]330 value: 'enabled',
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700[diff] [blame]331 description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
332 to propagate UpdateService requests to the corresponding
333 updater daemons instead of moving files to /tmp/images dir.
334 This option is temporary, should not be enabled on any
335 production systems. The code will be moved to the normal
336 code update flow and the option will be removed at the end
337 of Q3 2024.
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]338 ''',
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700[diff] [blame]339)
340
Ed Tanous6a371402024-12-03 14:01:25 -0800[diff] [blame]341# BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE
342option(
343 'redfish-allow-simple-update',
344 type: 'feature',
345 value: 'disabled',
346 description: '''Enables Redfish UpdateService SimpleUpdate Action. Note
347 that at this time this option is non-functional. Redfish
348 recommends using MultiPartUpdate.''',
349)
350
351
Jagpal Singh Gill57855662024-04-17 10:44:27 -0700[diff] [blame]352option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]353 'https_port',
354 type: 'integer',
Ed Tanous796ba932020-08-02 04:29:21 +0000[diff] [blame]355 min: -1,
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]356 max: 65535,
357 value: 443,
Ed Tanous796ba932020-08-02 04:29:21 +0000[diff] [blame]358 description: '''HTTPS default port number. Set to -1 to disable and rely
359 only on additional_ports''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]360)
Manojkiran Edaaf6298d2020-05-27 08:51:32 +0530[diff] [blame]361
Ed Tanous796ba932020-08-02 04:29:21 +0000[diff] [blame]362
363# Additional ports
364# This series of options below allows setting up non-trivial deployments of
365# bmcweb, binding specific ports, authentication profiles, and device binds to
366# multiple ports.
367# Setting these options incorrectly can have severe security consequences and
368# should be reserved for platform experts familiar with their particular
369# platforms security requirements.
370
371option(
372 'additional-ports',
373 type: 'array',
374 value: [],
375 description: '''Additional ports to listen to. Allows bmcweb to listen to
376 multiple ports at a given protocol''',
377)
378
379option(
380 'additional-protocol',
381 type: 'array',
382 value: [],
383 description: '''Allows specifying a specific protocol type for a given
384 additional-ports index. Allows setting http, https, or both
385 to each socket index. If not provided for a given
386 additional-ports index, assumes https.''',
387)
388
389option(
390 'additional-bind-to-device',
391 type: 'array',
392 value: [],
393 description: '''Allows specifying an SO_BINDTODEVICE or BindToDevice systemd
394 directive for each additional socket file. If not provided
395 for a given additional-ports index, assumes bind to all
396 devices''',
397)
398
399option(
400 'additional-auth',
401 type: 'array',
402 value: [],
403 description: '''Allows specifying an authentication profile for each socket
404 created with additional-ports. Allows auth or noauth, and
405 defaults to auth if not provided. If noauth is provided,
406 authentication will not be performed for a given socket/port
407 index.''',
408)
409# end additional ports
410
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]411# BMCWEB_DNS_RESOLVER
Carson Labrado7fb33562022-04-18 23:26:56 +0000[diff] [blame]412option(
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700[diff] [blame]413 'dns-resolver',
414 type: 'combo',
415 choices: ['systemd-dbus', 'asio'],
416 value: 'systemd-dbus',
417 description: '''Sets which DNS resolver backend should be used.
418 systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
419 support. asio relies on boost::asio::tcp::resolver, but cannot resolve
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]420 names when boost threading is disabled.''',
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700[diff] [blame]421)
422
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]423# BMCWEB_REDFISH_AGGREGATION
Ed Tanousf8ca6d72022-06-28 12:12:03 -0700[diff] [blame]424option(
Carson Labrado7fb33562022-04-18 23:26:56 +0000[diff] [blame]425 'redfish-aggregation',
426 type: 'feature',
427 value: 'disabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]428 description: 'Allows this BMC to aggregate resources from satellite BMCs',
Carson Labrado7fb33562022-04-18 23:26:56 +0000[diff] [blame]429)
430
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]431# BMCWEB_HYPERVISOR_COMPUTER_SYSTEM
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800[diff] [blame]432option(
Gunnar Mills68896202024-08-21 11:34:20 -0500[diff] [blame]433 'hypervisor-computer-system',
434 type: 'feature',
435 value: 'disabled',
436 description: '''This puts a hypervisor computer system resource at
437 /redfish/v1/Systems/hypervisor. This system resource has children
438 resources such as EthernetInterfaces and ComputerSystem.Reset.''',
439)
440
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]441# BMCWEB_EXPERIMENTAL_REDFISH_MULTI_COMPUTER_SYSTEM
Gunnar Mills68896202024-08-21 11:34:20 -0500[diff] [blame]442option(
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800[diff] [blame]443 'experimental-redfish-multi-computer-system',
444 type: 'feature',
445 value: 'disabled',
446 description: '''This is a temporary option flag for staging the
447 ComputerSystemCollection transition to multi-host. It, as well as the code
mox669ef0b2d42025-03-10 20:16:09 +0100[diff] [blame]448 still beneath it will be removed on 6/1/2025. Do not enable in a
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]449 production environment, or where API stability is required.''',
Ed Tanous7f3e84a2022-12-28 16:22:54 -0800[diff] [blame]450)
451
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]452# BMCWEB_EXPERIMENTAL_HTTP2
Ed Tanousfca2cbe2021-01-28 14:49:59 -0800[diff] [blame]453option(
454 'experimental-http2',
455 type: 'feature',
456 value: 'disabled',
457 description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
458 on this option for any production systems. It may have
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]459 behavior changes or be removed at any time.''',
Ed Tanousfca2cbe2021-01-28 14:49:59 -0800[diff] [blame]460)
461
rohitpaicf9085a2025-02-24 12:33:59 +0530[diff] [blame]462# BMCWEB_WATCHDOG_TIMEOUT
463option(
464 'watchdog-timeout-seconds',
465 type: 'integer',
466 min: 0,
467 max: 600,
468 value: 120,
469 description: '''Specifies the systemd watchdog timeout interval in seconds.
470 Set to 0 to disable the watchdog.''',
471)
472
Manojkiran Edaaf6298d2020-05-27 08:51:32 +0530[diff] [blame]473# Insecure options. Every option that starts with a `insecure` flag should
474# not be enabled by default for any platform, unless the author fully comprehends
475# the implications of doing so.In general, enabling these options will cause security
476# problems of varying degrees
477
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]478# BMCWEB_INSECURE_DISABLE_CSRF
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]479option(
480 'insecure-disable-csrf',
481 type: 'feature',
482 value: 'disabled',
483 description: '''Disable CSRF prevention checks.Should be set to false for
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]484 production systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]485)
486
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]487# BMCWEB_INSECURE_DISABLE_SSL
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]488option(
489 'insecure-disable-ssl',
490 type: 'feature',
491 value: 'disabled',
492 description: '''Disable SSL ports. Should be set to false for production
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]493 systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]494)
495
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]496# BMCWEB_INSECURE_DISABLE_AUTH
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]497option(
498 'insecure-disable-auth',
499 type: 'feature',
500 value: 'disabled',
Nan Zhoua43ea822022-05-27 00:42:44 +0000[diff] [blame]501 description: '''Disable authentication and authoriztion on all ports.
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]502 Should be set to false for production systems.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]503)
504
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]505# BMCWEB_INSECURE_IGNORE_CONTENT_TYPE
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]506option(
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100[diff] [blame]507 'insecure-ignore-content-type',
508 type: 'feature',
Ed Tanousdb398022023-06-07 16:38:08 -0700[diff] [blame]509 value: 'disabled',
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100[diff] [blame]510 description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
511 of the presence of the content-type header. Enabling this
512 conflicts with the input parsing guidelines, but may be
513 required to support old clients that may not set the
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]514 Content-Type header on payloads.''',
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100[diff] [blame]515)
516
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]517# BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION
Ed Tanous1aa0c2b2022-02-08 12:24:30 +0100[diff] [blame]518option(
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]519 'insecure-push-style-notification',
520 type: 'feature',
521 value: 'disabled',
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]522 description: 'Enable HTTP push style eventing feature',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]523)
524
Ed Tanousc5bcf352024-09-25 16:41:10 -0700[diff] [blame]525# BMCWEB_INSECURE_ENABLE_REDFISH_QUERY
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]526option(
527 'insecure-enable-redfish-query',
528 type: 'feature',
529 value: 'disabled',
530 description: '''Enables Redfish expand query parameter. This feature is
531 experimental, and has not been tested against the full
532 limits of user-facing behavior. It is not recommended to
533 enable on production systems at this time. Other query
Ed Tanous50b37022024-06-25 13:00:04 -0700[diff] [blame]534 parameters such as only are not controlled by this option.''',
Ed Tanous0cd5f782022-04-26 16:09:09 -0700[diff] [blame]535)