1c5bcf35fSEd Tanous# BMCWEB_KVM 28dc3ddf6SEd Tanousoption( 38dc3ddf6SEd Tanous 'kvm', 48dc3ddf6SEd Tanous type: 'feature', 58dc3ddf6SEd Tanous value: 'enabled', 68dc3ddf6SEd Tanous description: '''Enable the KVM host video WebSocket. Path is /kvm/0. 78dc3ddf6SEd Tanous Video is from the BMCs /dev/videodevice.''', 88dc3ddf6SEd Tanous) 98dc3ddf6SEd Tanous 10c5bcf35fSEd Tanous# BMCWEB_TESTS 118dc3ddf6SEd Tanousoption( 128dc3ddf6SEd Tanous 'tests', 138dc3ddf6SEd Tanous type: 'feature', 148dc3ddf6SEd Tanous value: 'enabled', 158dc3ddf6SEd Tanous description: 'Enable Unit tests for bmcweb', 168dc3ddf6SEd Tanous) 178dc3ddf6SEd Tanous 18c5bcf35fSEd Tanous# BMCWEB_VM_WEBSOCKET 198dc3ddf6SEd Tanousoption( 208dc3ddf6SEd Tanous 'vm-websocket', 218dc3ddf6SEd Tanous type: 'feature', 228dc3ddf6SEd Tanous value: 'enabled', 238dc3ddf6SEd Tanous description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to 248dc3ddf6SEd Tanous open the websocket. See 258dc3ddf6SEd Tanous https://github.com/openbmc/jsnbd/blob/master/README.''', 268dc3ddf6SEd Tanous) 278dc3ddf6SEd Tanous 2856b81992SEd Tanousoption( 2956b81992SEd Tanous 'redfish-use-3-digit-messageid', 3056b81992SEd Tanous type: 'feature', 3156b81992SEd Tanous value: 'disabled', 3256b81992SEd Tanous description: '''Prior to a bug fix, bmcweb exposed error messages with a 3356b81992SEd Tanous MessageId of Base.x.y.z.Message which was incorrect. 3456b81992SEd Tanous Enabling this option causes return codes to return the old 3556b81992SEd Tanous incorrect version for backward compatibility. Will be 3604adfbcaSEd Tanous removed Q2-2025''', 3756b81992SEd Tanous) 3856b81992SEd Tanous 39c5bcf35fSEd Tanous# BMCWEB_NBDPROXY 408dc3ddf6SEd Tanous# if you use this option and are seeing this comment, please comment here: 418dc3ddf6SEd Tanous# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions 428dc3ddf6SEd Tanous# for this code. At this point, no daemon has been upstreamed that implements 438dc3ddf6SEd Tanous# this interface, so for the moment this appears to be dead code; In leiu of 448dc3ddf6SEd Tanous# removing it, it has been disabled to try to give those that use it the 458dc3ddf6SEd Tanous# opportunity to upstream their backend implementation 468dc3ddf6SEd Tanous#option( 478dc3ddf6SEd Tanous# 'vm-nbdproxy', 488dc3ddf6SEd Tanous# type: 'feature', 498dc3ddf6SEd Tanous# value: 'disabled', 508dc3ddf6SEd Tanous# description: 'Enable the Virtual Media WebSocket.' 518dc3ddf6SEd Tanous#) 528dc3ddf6SEd Tanous 53c5bcf35fSEd Tanous# BMCWEB_REST 548dc3ddf6SEd Tanousoption( 558dc3ddf6SEd Tanous 'rest', 568dc3ddf6SEd Tanous type: 'feature', 578dc3ddf6SEd Tanous value: 'disabled', 588dc3ddf6SEd Tanous description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map 598dc3ddf6SEd Tanous Phosphor D-Bus object paths, for example, 608dc3ddf6SEd Tanous /xyz/openbmc_project/logging/entry/enumerate. See 618dc3ddf6SEd Tanous https://github.com/openbmc/docs/blob/master/rest-api.md.''', 628dc3ddf6SEd Tanous) 638dc3ddf6SEd Tanous 64c5bcf35fSEd Tanous# BMCWEB_REDFISH 658dc3ddf6SEd Tanousoption( 668dc3ddf6SEd Tanous 'redfish', 678dc3ddf6SEd Tanous type: 'feature', 688dc3ddf6SEd Tanous value: 'enabled', 698dc3ddf6SEd Tanous description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See 708dc3ddf6SEd Tanous https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''', 718dc3ddf6SEd Tanous) 728dc3ddf6SEd Tanous 73c5bcf35fSEd Tanous# BMCWEB_HOST_SERIAL_SOCKET 748dc3ddf6SEd Tanousoption( 758dc3ddf6SEd Tanous 'host-serial-socket', 768dc3ddf6SEd Tanous type: 'feature', 778dc3ddf6SEd Tanous value: 'enabled', 788dc3ddf6SEd Tanous description: '''Enable host serial console WebSocket. Path is /console0. 798dc3ddf6SEd Tanous See https://github.com/openbmc/docs/blob/master/console.md.''', 808dc3ddf6SEd Tanous) 818dc3ddf6SEd Tanous 82c5bcf35fSEd Tanous# BMCWEB_STATIC_HOSTING 838dc3ddf6SEd Tanousoption( 848dc3ddf6SEd Tanous 'static-hosting', 858dc3ddf6SEd Tanous type: 'feature', 868dc3ddf6SEd Tanous value: 'enabled', 878dc3ddf6SEd Tanous description: '''Enable serving files from the /usr/share/www directory 888dc3ddf6SEd Tanous as paths under /.''', 898dc3ddf6SEd Tanous) 908dc3ddf6SEd Tanous 91c5bcf35fSEd Tanous# BMCWEB_REDFISH_BMC_JOURNAL 928dc3ddf6SEd Tanousoption( 938dc3ddf6SEd Tanous 'redfish-bmc-journal', 948dc3ddf6SEd Tanous type: 'feature', 958dc3ddf6SEd Tanous value: 'enabled', 968dc3ddf6SEd Tanous description: '''Enable BMC journal access through Redfish. Paths are under 978dc3ddf6SEd Tanous /redfish/v1/Managers/bmc/LogServices/Journal.''', 988dc3ddf6SEd Tanous) 998dc3ddf6SEd Tanous 100c5bcf35fSEd Tanous# BMCWEB_REDFISH_CPU_LOG 1018dc3ddf6SEd Tanousoption( 1028dc3ddf6SEd Tanous 'redfish-cpu-log', 1038dc3ddf6SEd Tanous type: 'feature', 1048dc3ddf6SEd Tanous value: 'disabled', 1058dc3ddf6SEd Tanous description: '''Enable CPU log service transactions through Redfish. Paths 1068dc3ddf6SEd Tanous are under /redfish/v1/Systems/system/LogServices/Crashdump'.''', 1078dc3ddf6SEd Tanous) 1088dc3ddf6SEd Tanous 109c5bcf35fSEd Tanous# BMCWEB_REDFISH_DUMP_LOG 1108dc3ddf6SEd Tanousoption( 1118dc3ddf6SEd Tanous 'redfish-dump-log', 1128dc3ddf6SEd Tanous type: 'feature', 1138dc3ddf6SEd Tanous value: 'disabled', 1148dc3ddf6SEd Tanous description: '''Enable Dump log service transactions through Redfish. Paths 1158dc3ddf6SEd Tanous are under /redfish/v1/Systems/system/LogServices/Dump 1168dc3ddf6SEd Tanous and /redfish/v1/Managers/bmc/LogServices/Dump''', 1178dc3ddf6SEd Tanous) 1188dc3ddf6SEd Tanous 119c5bcf35fSEd Tanous# BMCWEB_REDFISH_DBUS_LOG 1208dc3ddf6SEd Tanousoption( 1218dc3ddf6SEd Tanous 'redfish-dbus-log', 1228dc3ddf6SEd Tanous type: 'feature', 1238dc3ddf6SEd Tanous value: 'disabled', 1248dc3ddf6SEd Tanous description: '''Enable DBUS log service transactions through Redfish. Paths 1258dc3ddf6SEd Tanous are under 1268dc3ddf6SEd Tanous /redfish/v1/Systems/system/LogServices/EventLog/Entries''', 1278dc3ddf6SEd Tanous) 1288dc3ddf6SEd Tanous 1296c58a03eSAlexander Hansen# BMCWEB_EXPERIMENTAL_REDFISH_DBUS_LOG_SUBSCRIPTION 1306c58a03eSAlexander Hansenoption( 1316c58a03eSAlexander Hansen 'experimental-redfish-dbus-log-subscription', 1326c58a03eSAlexander Hansen type: 'feature', 1336c58a03eSAlexander Hansen value: 'disabled', 1346c58a03eSAlexander Hansen description: ''' 1356c58a03eSAlexander Hansen Allows EventService subscriptions when the redfish-dbus-log option is 1366c58a03eSAlexander Hansen enabled. 1376c58a03eSAlexander Hansen This option is currently non-functional, given Redfish requirements for 1386c58a03eSAlexander Hansen MessageId support in Events. 1396c58a03eSAlexander Hansen Option will be removed begining of Q2-2025. 1406c58a03eSAlexander Hansen Should not be enabled on any production systems. 1416c58a03eSAlexander Hansen ''', 1426c58a03eSAlexander Hansen) 1436c58a03eSAlexander Hansen 144c5bcf35fSEd Tanous# BMCWEB_REDFISH_HOST_LOGGER 1458dc3ddf6SEd Tanousoption( 1468dc3ddf6SEd Tanous 'redfish-host-logger', 1478dc3ddf6SEd Tanous type: 'feature', 1488dc3ddf6SEd Tanous value: 'enabled', 1498dc3ddf6SEd Tanous description: '''Enable host log service transactions based on 1508dc3ddf6SEd Tanous phosphor-hostlogger through Redfish. Paths are under 1518dc3ddf6SEd Tanous /redfish/v1/Systems/system/LogServices/HostLogger''', 1528dc3ddf6SEd Tanous) 1538dc3ddf6SEd Tanous 154c5bcf35fSEd Tanous# BMCWEB_REDFISH_PROVISIONING_FEATURE 1558dc3ddf6SEd Tanousoption( 1568dc3ddf6SEd Tanous 'redfish-provisioning-feature', 1578dc3ddf6SEd Tanous type: 'feature', 1588dc3ddf6SEd Tanous value: 'disabled', 1598dc3ddf6SEd Tanous description: '''Enable provisioning feature support in redfish. Paths are 1608dc3ddf6SEd Tanous under /redfish/v1/Systems/system/''', 1618dc3ddf6SEd Tanous) 1628dc3ddf6SEd Tanous 163c5bcf35fSEd Tanous# BMCWEB_REDFISH_MANAGER_URI_NAME 1648dc3ddf6SEd Tanousoption( 1658dc3ddf6SEd Tanous 'redfish-manager-uri-name', 1668dc3ddf6SEd Tanous type: 'string', 1678dc3ddf6SEd Tanous value: 'bmc', 1688dc3ddf6SEd Tanous description: '''The static Redfish Manager ID representing the BMC 1698dc3ddf6SEd Tanous instance. This option will appear in the Redfish tree at 1708dc3ddf6SEd Tanous /redfish/v1/Managers/<redfish-manager-uri-name>. 1718dc3ddf6SEd Tanous Defaults to \'bmc\' which resolves to 1728dc3ddf6SEd Tanous /redfish/v1/Managers/bmc''', 1738dc3ddf6SEd Tanous) 1748dc3ddf6SEd Tanous 175c5bcf35fSEd Tanous# BMCWEB_REDFISH_SYSTEM_URI_NAME 1768dc3ddf6SEd Tanousoption( 1778dc3ddf6SEd Tanous 'redfish-system-uri-name', 1788dc3ddf6SEd Tanous type: 'string', 1798dc3ddf6SEd Tanous value: 'system', 1808dc3ddf6SEd Tanous description: '''The static Redfish System ID representing the host 1818dc3ddf6SEd Tanous instance. This option will appear in the Redfish tree at 1828dc3ddf6SEd Tanous /redfish/v1/Systems/<redfish-system-uri-name>. 1838dc3ddf6SEd Tanous Defaults to \'system\' which resolves to 1848dc3ddf6SEd Tanous /redfish/v1/Systems/system''', 1858dc3ddf6SEd Tanous) 1868dc3ddf6SEd Tanous 187c5bcf35fSEd Tanous# BMCWEB_LOGGING_LEVEL 1888dc3ddf6SEd Tanousoption( 1898dc3ddf6SEd Tanous 'bmcweb-logging', 1908dc3ddf6SEd Tanous type: 'combo', 19192e26be5SEd Tanous choices: [ 19292e26be5SEd Tanous 'disabled', 19392e26be5SEd Tanous 'enabled', 19492e26be5SEd Tanous 'debug', 19592e26be5SEd Tanous 'info', 19692e26be5SEd Tanous 'warning', 19792e26be5SEd Tanous 'error', 19892e26be5SEd Tanous 'critical', 19992e26be5SEd Tanous ], 2008dc3ddf6SEd Tanous value: 'error', 2018dc3ddf6SEd Tanous description: '''Enable output the extended logging level. 2028dc3ddf6SEd Tanous - disabled: disable bmcweb log traces. 2038dc3ddf6SEd Tanous - enabled: treated as 'debug' 2048dc3ddf6SEd Tanous - For the other logging level option, see DEVELOPING.md.''', 2058dc3ddf6SEd Tanous) 2068dc3ddf6SEd Tanous 207c5bcf35fSEd Tanous# BMCWEB_BASIC_AUTH 2088dc3ddf6SEd Tanousoption( 2098dc3ddf6SEd Tanous 'basic-auth', 2108dc3ddf6SEd Tanous type: 'feature', 2118dc3ddf6SEd Tanous value: 'enabled', 2128dc3ddf6SEd Tanous description: 'Enable basic authentication', 2138dc3ddf6SEd Tanous) 2148dc3ddf6SEd Tanous 215c5bcf35fSEd Tanous# BMCWEB_SESSION_AUTH 2168dc3ddf6SEd Tanousoption( 2178dc3ddf6SEd Tanous 'session-auth', 2188dc3ddf6SEd Tanous type: 'feature', 2198dc3ddf6SEd Tanous value: 'enabled', 2208dc3ddf6SEd Tanous description: 'Enable session authentication', 2218dc3ddf6SEd Tanous) 2228dc3ddf6SEd Tanous 223c5bcf35fSEd Tanous# BMCWEB_XTOKEN_AUTH 2248dc3ddf6SEd Tanousoption( 2258dc3ddf6SEd Tanous 'xtoken-auth', 2268dc3ddf6SEd Tanous type: 'feature', 2278dc3ddf6SEd Tanous value: 'enabled', 2288dc3ddf6SEd Tanous description: 'Enable xtoken authentication', 2298dc3ddf6SEd Tanous) 2308dc3ddf6SEd Tanous 231c5bcf35fSEd Tanous# BMCWEB_COOKIE_AUTH 2328dc3ddf6SEd Tanousoption( 2338dc3ddf6SEd Tanous 'cookie-auth', 2348dc3ddf6SEd Tanous type: 'feature', 2358dc3ddf6SEd Tanous value: 'enabled', 2368dc3ddf6SEd Tanous description: 'Enable cookie authentication', 2378dc3ddf6SEd Tanous) 2388dc3ddf6SEd Tanous 239c5bcf35fSEd Tanous# BMCWEB_MUTUAL_TLS_AUTH 2408dc3ddf6SEd Tanousoption( 2418dc3ddf6SEd Tanous 'mutual-tls-auth', 2428dc3ddf6SEd Tanous type: 'feature', 2438dc3ddf6SEd Tanous value: 'enabled', 2448dc3ddf6SEd Tanous description: '''Enables authenticating users through TLS client 2458dc3ddf6SEd Tanous certificates. The insecure-disable-ssl must be disabled for 2468dc3ddf6SEd Tanous this option to take effect.''', 2478dc3ddf6SEd Tanous) 2488dc3ddf6SEd Tanous 249c5bcf35fSEd Tanous# BMCWEB_MUTUAL_TLS_COMMON_NAME_PARSING_DEFAULT 2508dc3ddf6SEd Tanousoption( 2513ce3688aSEd Tanous 'mutual-tls-common-name-parsing-default', 2528dc3ddf6SEd Tanous type: 'combo', 253a4943693SMalik Akbar Hashemi Rafsanjani choices: ['CommonName', 'Whole', 'UserPrincipalName'], 254a4943693SMalik Akbar Hashemi Rafsanjani description: '''Default MTLS parse mode to get username from the 255a4943693SMalik Akbar Hashemi Rafsanjani client's x509 certificate''', 2563ce3688aSEd Tanous) 2573ce3688aSEd Tanous 258c5bcf35fSEd Tanous# BMCWEB_IBM_MANAGEMENT_CONSOLE 2598dc3ddf6SEd Tanousoption( 2608dc3ddf6SEd Tanous 'ibm-management-console', 2618dc3ddf6SEd Tanous type: 'feature', 2628dc3ddf6SEd Tanous value: 'disabled', 2638dc3ddf6SEd Tanous description: '''Enable the IBM management console specific functionality. 2648dc3ddf6SEd Tanous Paths are under /ibm/v1/''', 2658dc3ddf6SEd Tanous) 2668dc3ddf6SEd Tanous 267c5bcf35fSEd Tanous# BMCWEB_GOOGLE_API 2688dc3ddf6SEd Tanousoption( 2698dc3ddf6SEd Tanous 'google-api', 2708dc3ddf6SEd Tanous type: 'feature', 2718dc3ddf6SEd Tanous value: 'disabled', 2728dc3ddf6SEd Tanous description: '''Enable the Google specific functionality. Paths are under 2738dc3ddf6SEd Tanous /google/v1/''', 2748dc3ddf6SEd Tanous) 2758dc3ddf6SEd Tanous 276c5bcf35fSEd Tanous# BMCWEB_HTTP_BODY_LIMIT 2778dc3ddf6SEd Tanousoption( 2788dc3ddf6SEd Tanous 'http-body-limit', 2798dc3ddf6SEd Tanous type: 'integer', 2808dc3ddf6SEd Tanous min: 0, 2818dc3ddf6SEd Tanous max: 512, 2828dc3ddf6SEd Tanous value: 30, 2838dc3ddf6SEd Tanous description: 'Specifies the http request body length limit', 2848dc3ddf6SEd Tanous) 2858dc3ddf6SEd Tanous 286b2539069SEd Tanous# BMCWEB_HTTP_ZSTD 287b2539069SEd Tanousoption( 288b2539069SEd Tanous 'http-zstd', 289b2539069SEd Tanous type: 'feature', 290b2539069SEd Tanous value: 'enabled', 291b2539069SEd Tanous description: 'Allows compression/decompression using zstd', 292b2539069SEd Tanous) 293b2539069SEd Tanous 294c5bcf35fSEd Tanous# BMCWEB_REDFISH_NEW_POWERSUBSYSTEM_THERMALSUBSYSTEM 2958dc3ddf6SEd Tanousoption( 2968dc3ddf6SEd Tanous 'redfish-new-powersubsystem-thermalsubsystem', 2978dc3ddf6SEd Tanous type: 'feature', 2988dc3ddf6SEd Tanous value: 'enabled', 2998dc3ddf6SEd Tanous description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem, 3008dc3ddf6SEd Tanous and all children schemas. This includes displaying all 3018dc3ddf6SEd Tanous sensors in the SensorCollection.''', 3028dc3ddf6SEd Tanous) 3038dc3ddf6SEd Tanous 304f664fd8aSJanet Adkins# BMCWEB_REDFISH_ALLOW_DEPRECATED_INDICATORLED 305f664fd8aSJanet Adkinsoption( 306f664fd8aSJanet Adkins 'redfish-allow-deprecated-indicatorled', 307f664fd8aSJanet Adkins type: 'feature', 308f664fd8aSJanet Adkins value: 'disabled', 309f664fd8aSJanet Adkins description: '''Enable/disable the deprecated IndicatorLED property. The 310f664fd8aSJanet Adkins default condition is disabled. The code to enable this 311f664fd8aSJanet Adkins option will be removed by March 2026.''', 312f664fd8aSJanet Adkins) 313f664fd8aSJanet Adkins 314*eb261e1fSJanet Adkins# BMCWEB_REDFISH_USE_HARDCODED_SYSTEM_LOCATION_INDICATOR 315*eb261e1fSJanet Adkinsoption( 316*eb261e1fSJanet Adkins 'redfish-use-hardcoded-system-location-indicator', 317*eb261e1fSJanet Adkins type: 'feature', 318*eb261e1fSJanet Adkins value: 'enabled', 319*eb261e1fSJanet Adkins description: '''Enable/disable the use of hard-coded LED group 320*eb261e1fSJanet Adkins enclosure_identify_blink and enclosure_identify for getting 321*eb261e1fSJanet Adkins and setting the LocationIndicatorActive for the Systems 322*eb261e1fSJanet Adkins response. The default condition will be enabled until 323*eb261e1fSJanet Adkins October 15, 2025. The code to enable this option will be 324*eb261e1fSJanet Adkins removed by June 2026.''', 325*eb261e1fSJanet Adkins) 326*eb261e1fSJanet Adkins 327c5bcf35fSEd Tanous# BMCWEB_REDFISH_ALLOW_DEPRECATED_POWER_THERMAL 3288dc3ddf6SEd Tanousoption( 3298dc3ddf6SEd Tanous 'redfish-allow-deprecated-power-thermal', 3308dc3ddf6SEd Tanous type: 'feature', 331db3bf6f3SGunnar Mills value: 'disabled', 332db3bf6f3SGunnar Mills description: '''Enable/disable the old Power / Thermal. This has been 333db3bf6f3SGunnar Mills replaced by the new PowerSubsystem, ThermalSubsystem, and 334db3bf6f3SGunnar Mills the redfish-new-powersubsystem-thermalsubsystem option. 335db3bf6f3SGunnar Mills This option will be removed June 2026.''', 3368dc3ddf6SEd Tanous) 3378dc3ddf6SEd Tanous 338c5bcf35fSEd Tanous# BMCWEB_REDFISH_OEM_MANAGER_FAN_DATA 3398dc3ddf6SEd Tanousoption( 3408dc3ddf6SEd Tanous 'redfish-oem-manager-fan-data', 3418dc3ddf6SEd Tanous type: 'feature', 3428dc3ddf6SEd Tanous value: 'enabled', 3438dc3ddf6SEd Tanous description: '''Enables Redfish OEM fan data on the manager resource. 3448dc3ddf6SEd Tanous This includes PID and Stepwise controller data. See 3451d19d872SMyung Bae OpenBMCManager schema for more detail.''', 3468dc3ddf6SEd Tanous) 3478dc3ddf6SEd Tanous 348c5bcf35fSEd Tanous# BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS 3498dc3ddf6SEd Tanousoption( 3508dc3ddf6SEd Tanous 'redfish-updateservice-use-dbus', 3518dc3ddf6SEd Tanous type: 'feature', 35264fa9167SJagpal Singh Gill value: 'enabled', 3538dc3ddf6SEd Tanous description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface 3548dc3ddf6SEd Tanous to propagate UpdateService requests to the corresponding 3558dc3ddf6SEd Tanous updater daemons instead of moving files to /tmp/images dir. 3568dc3ddf6SEd Tanous ''', 3578dc3ddf6SEd Tanous) 3588dc3ddf6SEd Tanous 3596a37140aSEd Tanous# BMCWEB_REDFISH_ALLOW_SIMPLE_UPDATE 3606a37140aSEd Tanousoption( 3616a37140aSEd Tanous 'redfish-allow-simple-update', 3626a37140aSEd Tanous type: 'feature', 3636a37140aSEd Tanous value: 'disabled', 3646a37140aSEd Tanous description: '''Enables Redfish UpdateService SimpleUpdate Action. Note 3656a37140aSEd Tanous that at this time this option is non-functional. Redfish 3666a37140aSEd Tanous recommends using MultiPartUpdate.''', 3676a37140aSEd Tanous) 3686a37140aSEd Tanous 3696a37140aSEd Tanous 3708dc3ddf6SEd Tanousoption( 3718dc3ddf6SEd Tanous 'https_port', 3728dc3ddf6SEd Tanous type: 'integer', 373796ba93bSEd Tanous min: -1, 3748dc3ddf6SEd Tanous max: 65535, 3758dc3ddf6SEd Tanous value: 443, 376796ba93bSEd Tanous description: '''HTTPS default port number. Set to -1 to disable and rely 377796ba93bSEd Tanous only on additional_ports''', 3788dc3ddf6SEd Tanous) 3798dc3ddf6SEd Tanous 380796ba93bSEd Tanous 381796ba93bSEd Tanous# Additional ports 382796ba93bSEd Tanous# This series of options below allows setting up non-trivial deployments of 383796ba93bSEd Tanous# bmcweb, binding specific ports, authentication profiles, and device binds to 384796ba93bSEd Tanous# multiple ports. 385796ba93bSEd Tanous# Setting these options incorrectly can have severe security consequences and 386796ba93bSEd Tanous# should be reserved for platform experts familiar with their particular 387796ba93bSEd Tanous# platforms security requirements. 388796ba93bSEd Tanous 389796ba93bSEd Tanousoption( 390796ba93bSEd Tanous 'additional-ports', 391796ba93bSEd Tanous type: 'array', 392796ba93bSEd Tanous value: [], 393796ba93bSEd Tanous description: '''Additional ports to listen to. Allows bmcweb to listen to 394796ba93bSEd Tanous multiple ports at a given protocol''', 395796ba93bSEd Tanous) 396796ba93bSEd Tanous 397796ba93bSEd Tanousoption( 398796ba93bSEd Tanous 'additional-protocol', 399796ba93bSEd Tanous type: 'array', 400796ba93bSEd Tanous value: [], 401796ba93bSEd Tanous description: '''Allows specifying a specific protocol type for a given 402796ba93bSEd Tanous additional-ports index. Allows setting http, https, or both 403796ba93bSEd Tanous to each socket index. If not provided for a given 404796ba93bSEd Tanous additional-ports index, assumes https.''', 405796ba93bSEd Tanous) 406796ba93bSEd Tanous 407796ba93bSEd Tanousoption( 408796ba93bSEd Tanous 'additional-bind-to-device', 409796ba93bSEd Tanous type: 'array', 410796ba93bSEd Tanous value: [], 411796ba93bSEd Tanous description: '''Allows specifying an SO_BINDTODEVICE or BindToDevice systemd 412796ba93bSEd Tanous directive for each additional socket file. If not provided 413796ba93bSEd Tanous for a given additional-ports index, assumes bind to all 414796ba93bSEd Tanous devices''', 415796ba93bSEd Tanous) 416796ba93bSEd Tanous 417796ba93bSEd Tanousoption( 418796ba93bSEd Tanous 'additional-auth', 419796ba93bSEd Tanous type: 'array', 420796ba93bSEd Tanous value: [], 421796ba93bSEd Tanous description: '''Allows specifying an authentication profile for each socket 422796ba93bSEd Tanous created with additional-ports. Allows auth or noauth, and 423796ba93bSEd Tanous defaults to auth if not provided. If noauth is provided, 424796ba93bSEd Tanous authentication will not be performed for a given socket/port 425796ba93bSEd Tanous index.''', 426796ba93bSEd Tanous) 427796ba93bSEd Tanous# end additional ports 428796ba93bSEd Tanous 429c5bcf35fSEd Tanous# BMCWEB_DNS_RESOLVER 4308dc3ddf6SEd Tanousoption( 4318dc3ddf6SEd Tanous 'dns-resolver', 4328dc3ddf6SEd Tanous type: 'combo', 4338dc3ddf6SEd Tanous choices: ['systemd-dbus', 'asio'], 4348dc3ddf6SEd Tanous value: 'systemd-dbus', 4358dc3ddf6SEd Tanous description: '''Sets which DNS resolver backend should be used. 4368dc3ddf6SEd Tanous systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus 4378dc3ddf6SEd Tanous support. asio relies on boost::asio::tcp::resolver, but cannot resolve 4388dc3ddf6SEd Tanous names when boost threading is disabled.''', 4398dc3ddf6SEd Tanous) 4408dc3ddf6SEd Tanous 441c5bcf35fSEd Tanous# BMCWEB_REDFISH_AGGREGATION 4428dc3ddf6SEd Tanousoption( 4438dc3ddf6SEd Tanous 'redfish-aggregation', 4448dc3ddf6SEd Tanous type: 'feature', 4458dc3ddf6SEd Tanous value: 'disabled', 4468dc3ddf6SEd Tanous description: 'Allows this BMC to aggregate resources from satellite BMCs', 4478dc3ddf6SEd Tanous) 4488dc3ddf6SEd Tanous 449c5bcf35fSEd Tanous# BMCWEB_HYPERVISOR_COMPUTER_SYSTEM 4508dc3ddf6SEd Tanousoption( 45168896206SGunnar Mills 'hypervisor-computer-system', 45268896206SGunnar Mills type: 'feature', 45368896206SGunnar Mills value: 'disabled', 45468896206SGunnar Mills description: '''This puts a hypervisor computer system resource at 45568896206SGunnar Mills /redfish/v1/Systems/hypervisor. This system resource has children 45668896206SGunnar Mills resources such as EthernetInterfaces and ComputerSystem.Reset.''', 45768896206SGunnar Mills) 45868896206SGunnar Mills 459c5bcf35fSEd Tanous# BMCWEB_EXPERIMENTAL_REDFISH_MULTI_COMPUTER_SYSTEM 46068896206SGunnar Millsoption( 4618dc3ddf6SEd Tanous 'experimental-redfish-multi-computer-system', 4628dc3ddf6SEd Tanous type: 'feature', 4638dc3ddf6SEd Tanous value: 'disabled', 4648dc3ddf6SEd Tanous description: '''This is a temporary option flag for staging the 4658dc3ddf6SEd Tanous ComputerSystemCollection transition to multi-host. It, as well as the code 46606827463SOliver Brewka still beneath it will be removed on 1/1/2026. Do not enable in a 4678dc3ddf6SEd Tanous production environment, or where API stability is required.''', 4688dc3ddf6SEd Tanous) 4698dc3ddf6SEd Tanous 47039fe3af2SEd Tanous# BMCWEB_HTTP2 4718dc3ddf6SEd Tanousoption( 47239fe3af2SEd Tanous 'http2', 4738dc3ddf6SEd Tanous type: 'feature', 47439fe3af2SEd Tanous value: 'enabled', 47539fe3af2SEd Tanous description: 'Enable HTTP/2 protocol support using nghttp2.', 4768dc3ddf6SEd Tanous) 4778dc3ddf6SEd Tanous 478cf9085acSrohitpai# BMCWEB_WATCHDOG_TIMEOUT 479cf9085acSrohitpaioption( 480cf9085acSrohitpai 'watchdog-timeout-seconds', 481cf9085acSrohitpai type: 'integer', 482cf9085acSrohitpai min: 0, 483cf9085acSrohitpai max: 600, 484cf9085acSrohitpai value: 120, 485cf9085acSrohitpai description: '''Specifies the systemd watchdog timeout interval in seconds. 486cf9085acSrohitpai Set to 0 to disable the watchdog.''', 487cf9085acSrohitpai) 488cf9085acSrohitpai 4898dc3ddf6SEd Tanous# Insecure options. Every option that starts with a `insecure` flag should 4908dc3ddf6SEd Tanous# not be enabled by default for any platform, unless the author fully comprehends 4918dc3ddf6SEd Tanous# the implications of doing so.In general, enabling these options will cause security 4928dc3ddf6SEd Tanous# problems of varying degrees 4938dc3ddf6SEd Tanous 494c5bcf35fSEd Tanous# BMCWEB_INSECURE_DISABLE_CSRF 4958dc3ddf6SEd Tanousoption( 4968dc3ddf6SEd Tanous 'insecure-disable-csrf', 4978dc3ddf6SEd Tanous type: 'feature', 4988dc3ddf6SEd Tanous value: 'disabled', 4998dc3ddf6SEd Tanous description: '''Disable CSRF prevention checks.Should be set to false for 5008dc3ddf6SEd Tanous production systems.''', 5018dc3ddf6SEd Tanous) 5028dc3ddf6SEd Tanous 503c5bcf35fSEd Tanous# BMCWEB_INSECURE_DISABLE_SSL 5048dc3ddf6SEd Tanousoption( 5058dc3ddf6SEd Tanous 'insecure-disable-ssl', 5068dc3ddf6SEd Tanous type: 'feature', 5078dc3ddf6SEd Tanous value: 'disabled', 5088dc3ddf6SEd Tanous description: '''Disable SSL ports. Should be set to false for production 5098dc3ddf6SEd Tanous systems.''', 5108dc3ddf6SEd Tanous) 5118dc3ddf6SEd Tanous 512c5bcf35fSEd Tanous# BMCWEB_INSECURE_DISABLE_AUTH 5138dc3ddf6SEd Tanousoption( 5148dc3ddf6SEd Tanous 'insecure-disable-auth', 5158dc3ddf6SEd Tanous type: 'feature', 5168dc3ddf6SEd Tanous value: 'disabled', 5178dc3ddf6SEd Tanous description: '''Disable authentication and authoriztion on all ports. 5188dc3ddf6SEd Tanous Should be set to false for production systems.''', 5198dc3ddf6SEd Tanous) 5208dc3ddf6SEd Tanous 521c5bcf35fSEd Tanous# BMCWEB_INSECURE_IGNORE_CONTENT_TYPE 5228dc3ddf6SEd Tanousoption( 5238dc3ddf6SEd Tanous 'insecure-ignore-content-type', 5248dc3ddf6SEd Tanous type: 'feature', 5258dc3ddf6SEd Tanous value: 'disabled', 5268dc3ddf6SEd Tanous description: '''Allows parsing PUT/POST/PATCH content as JSON regardless 5278dc3ddf6SEd Tanous of the presence of the content-type header. Enabling this 5288dc3ddf6SEd Tanous conflicts with the input parsing guidelines, but may be 5298dc3ddf6SEd Tanous required to support old clients that may not set the 5308dc3ddf6SEd Tanous Content-Type header on payloads.''', 5318dc3ddf6SEd Tanous) 5328dc3ddf6SEd Tanous 533c5bcf35fSEd Tanous# BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION 5348dc3ddf6SEd Tanousoption( 5358dc3ddf6SEd Tanous 'insecure-push-style-notification', 5368dc3ddf6SEd Tanous type: 'feature', 5378dc3ddf6SEd Tanous value: 'disabled', 5388dc3ddf6SEd Tanous description: 'Enable HTTP push style eventing feature', 5398dc3ddf6SEd Tanous) 5408dc3ddf6SEd Tanous 541c5bcf35fSEd Tanous# BMCWEB_INSECURE_ENABLE_REDFISH_QUERY 5428dc3ddf6SEd Tanousoption( 5438dc3ddf6SEd Tanous 'insecure-enable-redfish-query', 5448dc3ddf6SEd Tanous type: 'feature', 5458dc3ddf6SEd Tanous value: 'disabled', 5468dc3ddf6SEd Tanous description: '''Enables Redfish expand query parameter. This feature is 5478dc3ddf6SEd Tanous experimental, and has not been tested against the full 5488dc3ddf6SEd Tanous limits of user-facing behavior. It is not recommended to 5498dc3ddf6SEd Tanous enable on production systems at this time. Other query 5508dc3ddf6SEd Tanous parameters such as only are not controlled by this option.''', 5518dc3ddf6SEd Tanous) 552