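# Build-time options for bmcweb (Meson options file).
#
# Most 'feature' options below switch a network-reachable endpoint or an
# authentication mechanism on or off at compile time, so the values chosen
# here define the exposed surface of the resulting image. Review each default
# against what the platform actually needs and leave unused endpoints
# disabled.

# Exposes the host display over a WebSocket. Disable on platforms that have
# no remote-KVM requirement.
option(
    'kvm',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
                    Video is from the BMCs /dev/videodevice.''',
)

option(
    'tests',
    type: 'feature',
    value: 'enabled',
    description: 'Enable Unit tests for bmcweb',
)

# Remote virtual media endpoint. Disable where remote media attachment is not
# a requirement.
option(
    'vm-websocket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
                    open the websocket. See
                    https://github.com/openbmc/jsnbd/blob/master/README.''',
)

# if you use this option and are seeing this comment, please comment here:
# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
# for this code. At this point, no daemon has been upstreamed that implements
# this interface, so for the moment this appears to be dead code; In lieu of
# removing it, it has been disabled to try to give those that use it the
# opportunity to upstream their backend implementation
#option(
#    'vm-nbdproxy',
#    type: 'feature',
#    value: 'disabled',
#    description: 'Enable the Virtual Media WebSocket.'
#)

# Disabled by default. Per the description, request paths map directly onto
# D-Bus object paths, which is likely a broader surface than the
# schema-defined Redfish tree; keep disabled unless a legacy client needs it.
option(
    'rest',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
                    Phosphor D-Bus object paths, for example,
                    /xyz/openbmc_project/logging/entry/enumerate. See
                    https://github.com/openbmc/docs/blob/master/rest-api.md.''',
)

option(
    'redfish',
    type: 'feature',
    value: 'enabled',
    description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
                    https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
)

# Exposes the host serial console over a WebSocket. Disable on platforms that
# have no remote-console requirement.
option(
    'host-serial-socket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host serial console WebSocket. Path is /console0.
                    See https://github.com/openbmc/docs/blob/master/console.md.''',
)

# Everything installed under /usr/share/www becomes reachable under /.
# NOTE(review): confirm whether these files are served before authentication,
# and keep anything sensitive out of that directory.
option(
    'static-hosting',
    type: 'feature',
    value: 'enabled',
    description: '''Enable serving files from the /usr/share/www directory
                    as paths under /.''',
)

# NOTE(review): journal entries can carry sensitive operational detail;
# confirm the privilege required to read this LogService.
option(
    'redfish-bmc-journal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable BMC journal access through Redfish. Paths are under
                    /redfish/v1/Managers/bmc/LogServices/Journal.''',
)

option(
    'redfish-cpu-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable CPU log service transactions through Redfish. Paths
                    are under /redfish/v1/Systems/system/LogServices/Crashdump.''',
)

option(
    'redfish-dump-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Dump log service transactions through Redfish. Paths
                    are under /redfish/v1/Systems/system/LogServices/Dump
                    and /redfish/v1/Managers/bmc/LogServices/Dump''',
)

option(
    'redfish-dbus-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable DBUS log service transactions through Redfish. Paths
                    are under
                    /redfish/v1/Systems/system/LogServices/EventLog/Entries''',
)

option(
    'redfish-host-logger',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host log service transactions based on
                    phosphor-hostlogger through Redfish. Paths are under
                    /redfish/v1/Systems/system/LogServices/HostLogger''',
)

option(
    'redfish-provisioning-feature',
    type: 'feature',
    value: 'disabled',
    description: '''Enable provisioning feature support in redfish. Paths are
                    under /redfish/v1/Systems/system/''',
)

option(
    'redfish-manager-uri-name',
    type: 'string',
    value: 'bmc',
    description: '''The static Redfish Manager ID representing the BMC
                    instance. This option will appear in the Redfish tree at
                    /redfish/v1/Managers/<redfish-manager-uri-name>.
                    Defaults to \'bmc\' which resolves to
                    /redfish/v1/Managers/bmc''',
)

option(
    'redfish-system-uri-name',
    type: 'string',
    value: 'system',
    description: '''The static Redfish System ID representing the host
                    instance. This option will appear in the Redfish tree at
                    /redfish/v1/Systems/<redfish-system-uri-name>.
                    Defaults to \'system\' which resolves to
                    /redfish/v1/Systems/system''',
)

# Per the description, 'enabled' is an alias for 'debug'.
# NOTE(review): confirm what the verbose levels write to the log before
# shipping anything more verbose than the default 'error'.
option(
    'bmcweb-logging',
    type: 'combo',
    choices: ['disabled', 'enabled', 'debug', 'info', 'warning', 'error', 'critical'],
    value: 'error',
    description: '''Enable output the extended logging level.
                    - disabled: disable bmcweb log traces.
                    - enabled: treated as 'debug'
                    - For the other logging level option, see DEVELOPING.md.''',
)

# Authentication mechanisms. All of them are enabled by default; disable the
# ones the deployment does not use.

# HTTP Basic sends the credentials, base64-encoded only, with every request,
# so it is only safe over TLS (see insecure-disable-ssl).
option(
    'basic-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable basic authentication',
)

option(
    'session-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable session authentication',
)

option(
    'xtoken-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable xtoken authentication',
)

# Cookie-carried sessions are the case CSRF protection exists for; see
# insecure-disable-csrf before changing either option.
option(
    'cookie-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable cookie authentication',
)

option(
    'mutual-tls-auth',
    type: 'feature',
    value: 'enabled',
    description: '''Enables authenticating users through TLS client
                    certificates. The insecure-disable-ssl must be disabled for
                    this option to take effect.''',
)

# With 'username', the certificate's Subject CN is taken as the BMC username,
# so whoever can issue client certificates under a trusted CA can assert any
# username. NOTE(review): confirm how the trusted client CA set is managed.
option(
    'mutual-tls-common-name-parsing',
    type: 'combo',
    choices: ['username', 'meta'],
    value: 'username',
    description: '''Sets logic to map the Subject Common Name field to a user
                    in client TLS certificates.
                    - username: Use the Subject CN field as a BMC username
                                (default)
                    - meta: Parses the Subject CN in the format used by
                            Meta Inc (see mutual_tls_meta.cpp for details)
                    ''',
)

option(
    'ibm-management-console',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the IBM management console specific functionality.
                    Paths are under /ibm/v1/''',
)

option(
    'google-api',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the Google specific functionality. Paths are under
                    /google/v1/''',
)

# Upper bound on request body size; this is the main guard against a client
# exhausting BMC memory with one oversized upload.
# NOTE(review): the description gives no unit (presumably megabytes; confirm
# against the code that consumes it) and does not say what the permitted
# minimum of 0 means.
option(
    'http-body-limit',
    type: 'integer',
    min: 0,
    max: 512,
    value: 30,
    description: 'Specifies the http request body length limit',
)

option(
    'redfish-new-powersubsystem-thermalsubsystem',
    type: 'feature',
    value: 'enabled',
    description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
                    and all children schemas. This includes displaying all
                    sensors in the SensorCollection.''',
)

option(
    'redfish-allow-deprecated-power-thermal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable/disable the old Power / Thermal. The default
                    condition is allowing the old Power / Thermal. This
                    will be disabled by default June 2024. ''',
)

option(
    'redfish-oem-manager-fan-data',
    type: 'feature',
    value: 'enabled',
    description: '''Enables Redfish OEM fan data on the manager resource.
                    This includes PID and Stepwise controller data. See
                    OemManager schema for more detail.''',
)

# Temporary firmware-update path; the description itself says not to enable it
# on production systems.
option(
    'redfish-updateservice-use-dbus',
    type: 'feature',
    value: 'disabled',
    description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
                    to propagate UpdateService requests to the corresponding
                    updater daemons instead of moving files to /tmp/images dir.
                    This option is temporary, should not be enabled on any
                    production systems. The code will be moved to the normal
                    code update flow and the option will be removed at the end
                    of Q3 2024.
                    ''',
)

# The only option name here that uses an underscore rather than hyphens; it is
# kept as is because renaming it would break existing -Dhttps_port settings.
option(
    'https_port',
    type: 'integer',
    min: 1,
    max: 65535,
    value: 443,
    description: 'HTTPS Port number.',
)

option(
    'dns-resolver',
    type: 'combo',
    choices: ['systemd-dbus', 'asio'],
    value: 'systemd-dbus',
    description: '''Sets which DNS resolver backend should be used.
                    systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
                    support. asio relies on boost::asio::tcp::resolver, but cannot resolve
                    names when boost threading is disabled.''',
)

# NOTE(review): aggregation makes this BMC relay resources obtained from other
# BMCs; confirm how the satellite connections are authenticated before
# enabling.
option(
    'redfish-aggregation',
    type: 'feature',
    value: 'disabled',
    description: 'Allows this BMC to aggregate resources from satellite BMCs',
)

option(
    'experimental-redfish-multi-computer-system',
    type: 'feature',
    value: 'disabled',
    description: '''This is a temporary option flag for staging the
                    ComputerSystemCollection transition to multi-host. It, as well as the code
                    still beneath it will be removed on 9/1/2024. Do not enable in a
                    production environment, or where API stability is required.''',
)

option(
    'experimental-http2',
    type: 'feature',
    value: 'disabled',
    description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
                    on this option for any production systems. It may have
                    behavior changes or be removed at any time.''',
)

# Insecure options. Every option that starts with a `insecure` flag should
# not be enabled by default for any platform, unless the author fully comprehends
# the implications of doing so. In general, enabling these options will cause security
# problems of varying degrees
#
# These are Meson 'feature' options, so the accepted values are 'enabled',
# 'disabled' and 'auto'; where a description below says "set to false" it
# means leaving the option at 'disabled'. A release pipeline can enforce this
# by failing the build when any 'insecure-*' option is not 'disabled'.

option(
    'insecure-disable-csrf',
    type: 'feature',
    value: 'disabled',
    description: '''Disable CSRF prevention checks. Should be set to false for
                    production systems.''',
)

# Without TLS, every credential and session token accepted by the
# authentication options above crosses the network in the clear, and
# mutual-tls-auth has no effect.
option(
    'insecure-disable-ssl',
    type: 'feature',
    value: 'disabled',
    description: '''Disable SSL ports. Should be set to false for production
                    systems.''',
)

option(
    'insecure-disable-auth',
    type: 'feature',
    value: 'disabled',
    description: '''Disable authentication and authorization on all ports.
                    Should be set to false for production systems.''',
)

# TFTP provides no authentication, integrity protection or encryption, so an
# image fetched this way is only as trustworthy as whatever verification is
# applied to it afterwards. NOTE(review): confirm that image signature
# verification is enforced before enabling.
option(
    'insecure-tftp-update',
    type: 'feature',
    value: 'disabled',
    description: '''Enable TFTP based firmware update transactions through
                    Redfish UpdateService. SimpleUpdate.''',
)

option(
    'insecure-ignore-content-type',
    type: 'feature',
    value: 'disabled',
    description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
                    of the presence of the content-type header. Enabling this
                    conflicts with the input parsing guidelines, but may be
                    required to support old clients that may not set the
                    Content-Type header on payloads.''',
)

# NOTE(review): the description does not say why this feature is classed as
# insecure; the risk should be documented here so integrators can make an
# informed choice.
option(
    'insecure-push-style-notification',
    type: 'feature',
    value: 'disabled',
    description: 'Enable HTTP push style eventing feature',
)

option(
    'insecure-enable-redfish-query',
    type: 'feature',
    value: 'disabled',
    description: '''Enables Redfish expand query parameter. This feature is
                    experimental, and has not been tested against the full
                    limits of user-facing behavior. It is not recommended to
                    enable on production systems at this time. Other query
                    parameters such as only are not controlled by this option.''',
)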