xref: /openbmc/bmcweb/meson.options (revision 463b2934e2857195fa56003fdff0127d130089d0)
1# BMCWEB_KVM
2option(
3    'kvm',
4    type: 'feature',
5    value: 'enabled',
6    description: '''Enable the KVM host video WebSocket.  Path is /kvm/0.
7                    Video is from the BMCs /dev/videodevice.''',
8)
9
10# BMCWEB_TESTS
11option(
12    'tests',
13    type: 'feature',
14    value: 'enabled',
15    description: 'Enable Unit tests for bmcweb',
16)
17
18# BMCWEB_VM_WEBSOCKET
19option(
20    'vm-websocket',
21    type: 'feature',
22    value: 'enabled',
23    description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
24                    open the websocket. See
25                    https://github.com/openbmc/jsnbd/blob/master/README.''',
26)
27
28# BMCWEB_NBDPROXY
29# if you use this option and are seeing this comment, please comment here:
30# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
31# for this code.  At this point, no daemon has been upstreamed that implements
32# this interface, so for the moment this appears to be dead code;  In leiu of
33# removing it, it has been disabled to try to give those that use it the
34# opportunity to upstream their backend implementation
35#option(
36#    'vm-nbdproxy',
37#    type: 'feature',
38#    value: 'disabled',
39#    description: 'Enable the Virtual Media WebSocket.'
40#)
41
42# BMCWEB_REST
43option(
44    'rest',
45    type: 'feature',
46    value: 'disabled',
47    description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
48                    Phosphor D-Bus object paths, for example,
49                    /xyz/openbmc_project/logging/entry/enumerate. See
50                    https://github.com/openbmc/docs/blob/master/rest-api.md.''',
51)
52
53# BMCWEB_REDFISH
54option(
55    'redfish',
56    type: 'feature',
57    value: 'enabled',
58    description: '''Enable Redfish APIs.  Paths are under /redfish/v1/. See
59                    https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
60)
61
62# BMCWEB_HOST_SERIAL_SOCKET
63option(
64    'host-serial-socket',
65    type: 'feature',
66    value: 'enabled',
67    description: '''Enable host serial console WebSocket. Path is /console0.
68                    See https://github.com/openbmc/docs/blob/master/console.md.''',
69)
70
71# BMCWEB_STATIC_HOSTING
72option(
73    'static-hosting',
74    type: 'feature',
75    value: 'enabled',
76    description: '''Enable serving files from the /usr/share/www directory
77                    as paths under /.''',
78)
79
80# BMCWEB_REDFISH_BMC_JOURNAL
81option(
82    'redfish-bmc-journal',
83    type: 'feature',
84    value: 'enabled',
85    description: '''Enable BMC journal access through Redfish. Paths are under
86                    /redfish/v1/Managers/bmc/LogServices/Journal.''',
87)
88
89# BMCWEB_REDFISH_CPU_LOG
90option(
91    'redfish-cpu-log',
92    type: 'feature',
93    value: 'disabled',
94    description: '''Enable CPU log service transactions through Redfish. Paths
95                    are under /redfish/v1/Systems/system/LogServices/Crashdump'.''',
96)
97
98# BMCWEB_REDFISH_DUMP_LOG
99option(
100    'redfish-dump-log',
101    type: 'feature',
102    value: 'disabled',
103    description: '''Enable Dump log service transactions through Redfish. Paths
104                   are under /redfish/v1/Systems/system/LogServices/Dump
105                   and /redfish/v1/Managers/bmc/LogServices/Dump''',
106)
107
108# BMCWEB_REDFISH_DBUS_LOG
109option(
110    'redfish-dbus-log',
111    type: 'feature',
112    value: 'disabled',
113    description: '''Enable DBUS log service transactions through Redfish. Paths
114                    are under
115                    /redfish/v1/Systems/system/LogServices/EventLog/Entries''',
116)
117
118# BMCWEB_EXPERIMENTAL_REDFISH_DBUS_LOG_SUBSCRIPTION
119option(
120    'experimental-redfish-dbus-log-subscription',
121    type: 'feature',
122    value: 'disabled',
123    description: '''
124        Allows EventService subscriptions when the redfish-dbus-log option is
125        enabled.
126        This option is currently non-functional, given Redfish requirements for
127        MessageId support in Events.
128        Option will be removed begining of Q2-2025.
129        Should not be enabled on any production systems.
130    ''',
131)
132
133# BMCWEB_REDFISH_HOST_LOGGER
134option(
135    'redfish-host-logger',
136    type: 'feature',
137    value: 'enabled',
138    description: '''Enable host log service transactions based on
139                    phosphor-hostlogger through Redfish.  Paths are under
140                    /redfish/v1/Systems/system/LogServices/HostLogger''',
141)
142
143# BMCWEB_REDFISH_PROVISIONING_FEATURE
144option(
145    'redfish-provisioning-feature',
146    type: 'feature',
147    value: 'disabled',
148    description: '''Enable provisioning feature support in redfish. Paths are
149                    under /redfish/v1/Systems/system/''',
150)
151
152# BMCWEB_REDFISH_MANAGER_URI_NAME
153option(
154    'redfish-manager-uri-name',
155    type: 'string',
156    value: 'bmc',
157    description: '''The static Redfish Manager ID representing the BMC
158                    instance. This option will appear in the Redfish tree at
159                    /redfish/v1/Managers/<redfish-manager-uri-name>.
160                    Defaults to \'bmc\' which resolves to
161                    /redfish/v1/Managers/bmc''',
162)
163
164# BMCWEB_REDFISH_SYSTEM_URI_NAME
165option(
166    'redfish-system-uri-name',
167    type: 'string',
168    value: 'system',
169    description: '''The static Redfish System ID representing the host
170                    instance. This option will appear in the Redfish tree at
171                    /redfish/v1/Systems/<redfish-system-uri-name>.
172                    Defaults to \'system\' which resolves to
173                    /redfish/v1/Systems/system''',
174)
175
176# BMCWEB_LOGGING_LEVEL
177option(
178    'bmcweb-logging',
179    type: 'combo',
180    choices: [
181        'disabled',
182        'enabled',
183        'debug',
184        'info',
185        'warning',
186        'error',
187        'critical',
188    ],
189    value: 'error',
190    description: '''Enable output the extended logging level.
191                    - disabled: disable bmcweb log traces.
192                    - enabled: treated as 'debug'
193                    - For the other logging level option, see DEVELOPING.md.''',
194)
195
196# BMCWEB_BASIC_AUTH
197option(
198    'basic-auth',
199    type: 'feature',
200    value: 'enabled',
201    description: 'Enable basic authentication',
202)
203
204# BMCWEB_SESSION_AUTH
205option(
206    'session-auth',
207    type: 'feature',
208    value: 'enabled',
209    description: 'Enable session authentication',
210)
211
212# BMCWEB_XTOKEN_AUTH
213option(
214    'xtoken-auth',
215    type: 'feature',
216    value: 'enabled',
217    description: 'Enable xtoken authentication',
218)
219
220# BMCWEB_COOKIE_AUTH
221option(
222    'cookie-auth',
223    type: 'feature',
224    value: 'enabled',
225    description: 'Enable cookie authentication',
226)
227
228# BMCWEB_MUTUAL_TLS_AUTH
229option(
230    'mutual-tls-auth',
231    type: 'feature',
232    value: 'enabled',
233    description: '''Enables authenticating users through TLS client
234                    certificates. The insecure-disable-ssl must be disabled for
235                    this option to take effect.''',
236)
237
238# BMCWEB_MUTUAL_TLS_COMMON_NAME_PARSING_DEFAULT
239option(
240    'mutual-tls-common-name-parsing-default',
241    type: 'combo',
242    choices: ['CommonName', 'Whole', 'UserPrincipalName', 'Meta'],
243    description: '''
244        Parses the Subject CN in the format used by
245                                Meta Inc (see mutual_tls_meta.cpp for details)
246                    ''',
247)
248
249# BMCWEB_META_TLS_COMMON_NAME_PARSING
250option(
251    'meta-tls-common-name-parsing',
252    type: 'feature',
253    description: '''
254        Allows parsing the Subject CN TLS certificate in the format used by
255                                Meta Inc (see mutual_tls_meta.cpp for details)
256    ''',
257)
258
259# BMCWEB_IBM_MANAGEMENT_CONSOLE
260option(
261    'ibm-management-console',
262    type: 'feature',
263    value: 'disabled',
264    description: '''Enable the IBM management console specific functionality.
265                    Paths are under /ibm/v1/''',
266)
267
268# BMCWEB_GOOGLE_API
269option(
270    'google-api',
271    type: 'feature',
272    value: 'disabled',
273    description: '''Enable the Google specific functionality. Paths are under
274                    /google/v1/''',
275)
276
277# BMCWEB_HTTP_BODY_LIMIT
278option(
279    'http-body-limit',
280    type: 'integer',
281    min: 0,
282    max: 512,
283    value: 30,
284    description: 'Specifies the http request body length limit',
285)
286
287# BMCWEB_REDFISH_NEW_POWERSUBSYSTEM_THERMALSUBSYSTEM
288option(
289    'redfish-new-powersubsystem-thermalsubsystem',
290    type: 'feature',
291    value: 'enabled',
292    description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
293                    and all children schemas. This includes displaying all
294                    sensors in the SensorCollection.''',
295)
296
297# BMCWEB_REDFISH_ALLOW_DEPRECATED_POWER_THERMAL
298option(
299    'redfish-allow-deprecated-power-thermal',
300    type: 'feature',
301    value: 'enabled',
302    description: '''Enable/disable the old Power / Thermal. The default
303                    condition is allowing the old Power / Thermal. This
304                    will be disabled by default June 2024. ''',
305)
306
307# BMCWEB_REDFISH_OEM_MANAGER_FAN_DATA
308option(
309    'redfish-oem-manager-fan-data',
310    type: 'feature',
311    value: 'enabled',
312    description: '''Enables Redfish OEM fan data on the manager resource.
313                    This includes PID and Stepwise controller data. See
314                    OpenBMCManager schema for more detail.''',
315)
316
317# BMCWEB_REDFISH_UPDATESERVICE_USE_DBUS
318option(
319    'redfish-updateservice-use-dbus',
320    type: 'feature',
321    value: 'disabled',
322    description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
323                    to propagate UpdateService requests to the corresponding
324                    updater daemons instead of moving files to /tmp/images dir.
325                    This option is temporary, should not be enabled on any
326                    production systems. The code will be moved to the normal
327                    code update flow and the option will be removed at the end
328                    of Q3 2024.
329                ''',
330)
331
332# BMCWEB_HTTPS_PORT
333option(
334    'https_port',
335    type: 'integer',
336    min: 1,
337    max: 65535,
338    value: 443,
339    description: 'HTTPS Port number.',
340)
341
342# BMCWEB_DNS_RESOLVER
343option(
344    'dns-resolver',
345    type: 'combo',
346    choices: ['systemd-dbus', 'asio'],
347    value: 'systemd-dbus',
348    description: '''Sets which DNS resolver backend should be used.
349    systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
350    support.  asio relies on boost::asio::tcp::resolver, but cannot resolve
351    names when boost threading is disabled.''',
352)
353
354# BMCWEB_REDFISH_AGGREGATION
355option(
356    'redfish-aggregation',
357    type: 'feature',
358    value: 'disabled',
359    description: 'Allows this BMC to aggregate resources from satellite BMCs',
360)
361
362# BMCWEB_HYPERVISOR_COMPUTER_SYSTEM
363option(
364    'hypervisor-computer-system',
365    type: 'feature',
366    value: 'disabled',
367    description: '''This puts a hypervisor computer system resource at
368    /redfish/v1/Systems/hypervisor. This system resource has children
369    resources such as EthernetInterfaces and ComputerSystem.Reset.''',
370)
371
372# BMCWEB_EXPERIMENTAL_REDFISH_MULTI_COMPUTER_SYSTEM
373option(
374    'experimental-redfish-multi-computer-system',
375    type: 'feature',
376    value: 'disabled',
377    description: '''This is a temporary option flag for staging the
378    ComputerSystemCollection transition to multi-host.  It, as well as the code
379    still beneath it will be removed on 3/1/2025.  Do not enable in a
380    production environment, or where API stability is required.''',
381)
382
383# BMCWEB_EXPERIMENTAL_HTTP2
384option(
385    'experimental-http2',
386    type: 'feature',
387    value: 'disabled',
388    description: '''Enable HTTP/2 protocol support using nghttp2.  Do not rely
389                    on this option for any production systems.  It may have
390                    behavior changes or be removed at any time.''',
391)
392
393# Insecure options. Every option that starts with a `insecure` flag should
394# not be enabled by default for any platform, unless the author fully comprehends
395# the implications of doing so.In general, enabling these options will cause security
396# problems of varying degrees
397
398# BMCWEB_INSECURE_DISABLE_CSRF
399option(
400    'insecure-disable-csrf',
401    type: 'feature',
402    value: 'disabled',
403    description: '''Disable CSRF prevention checks.Should be set to false for
404                    production systems.''',
405)
406
407# BMCWEB_INSECURE_DISABLE_SSL
408option(
409    'insecure-disable-ssl',
410    type: 'feature',
411    value: 'disabled',
412    description: '''Disable SSL ports. Should be set to false for production
413                    systems.''',
414)
415
416# BMCWEB_INSECURE_DISABLE_AUTH
417option(
418    'insecure-disable-auth',
419    type: 'feature',
420    value: 'disabled',
421    description: '''Disable authentication and authoriztion on all ports.
422                    Should be set to false for production systems.''',
423)
424
425# BMCWEB_INSECURE_IGNORE_CONTENT_TYPE
426option(
427    'insecure-ignore-content-type',
428    type: 'feature',
429    value: 'disabled',
430    description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
431                    of the presence of the content-type header.  Enabling this
432                    conflicts with the input parsing guidelines, but may be
433                    required to support old clients that may not set the
434                    Content-Type header on payloads.''',
435)
436
437# BMCWEB_INSECURE_PUSH_STYLE_NOTIFICATION
438option(
439    'insecure-push-style-notification',
440    type: 'feature',
441    value: 'disabled',
442    description: 'Enable HTTP push style eventing feature',
443)
444
445# BMCWEB_INSECURE_ENABLE_REDFISH_QUERY
446option(
447    'insecure-enable-redfish-query',
448    type: 'feature',
449    value: 'disabled',
450    description: '''Enables Redfish expand query parameter.  This feature is
451                    experimental, and has not been tested against the full
452                    limits of user-facing behavior.  It is not recommended to
453                    enable on production systems at this time.  Other query
454                    parameters such as only are not controlled by this option.''',
455)
456