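# Build-time options for bmcweb (Meson options file). Each option() call
# declares one configure-time setting; `value:` is the default used when the
# builder does not override it with -D<name>=<value>.
#
# Security review note: several options that default to 'enabled' expose
# privileged host-facing interfaces (KVM video, virtual media, host serial
# console). A platform that does not need one of them should disable it at
# build time to reduce the network-reachable surface.

option(
    'yocto-deps',
    type: 'feature',
    value: 'disabled',
    description: 'Use YOCTO dependencies system',
)

# Host video over a WebSocket; on by default.
option(
    'kvm',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the KVM host video WebSocket. Path is /kvm/0.
                    Video is from the BMCs /dev/videodevice.''',
)

option(
    'tests',
    type: 'feature',
    value: 'enabled',
    description: 'Enable Unit tests for bmcweb',
)

# Virtual media over a WebSocket; on by default.
option(
    'vm-websocket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 and /nbd/<id> to
                    open the websocket. See
                    https://github.com/openbmc/jsnbd/blob/master/README.''',
)

# if you use this option and are seeing this comment, please comment here:
# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
# for this code. At this point, no daemon has been upstreamed that implements
# this interface, so for the moment this appears to be dead code; In lieu of
# removing it, it has been disabled to try to give those that use it the
# opportunity to upstream their backend implementation
#option(
#    'vm-nbdproxy',
#    type: 'feature',
#    value: 'disabled',
#    description: 'Enable the Virtual Media WebSocket.'
#)

# Off by default. Per the description, URL paths map directly onto Phosphor
# D-Bus object paths, so enabling it publishes the D-Bus object tree over HTTP.
option(
    'rest',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
                    Phosphor D-Bus object paths, for example,
                    /xyz/openbmc_project/logging/entry/enumerate. See
                    https://github.com/openbmc/docs/blob/master/rest-api.md.''',
)

option(
    'redfish',
    type: 'feature',
    value: 'enabled',
    description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See
                    https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''',
)

# Host serial console over a WebSocket; on by default.
option(
    'host-serial-socket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host serial console WebSocket. Path is /console0.
                    See https://github.com/openbmc/docs/blob/master/console.md.''',
)

option(
    'static-hosting',
    type: 'feature',
    value: 'enabled',
    description: '''Enable serving files from the /usr/share/www directory
                    as paths under /.''',
)

# On by default. NOTE(review): journal entries can carry sensitive operational
# detail; confirm which Redfish privilege is required to read this LogService.
option(
    'redfish-bmc-journal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable BMC journal access through Redfish. Paths are under
                    /redfish/v1/Managers/bmc/LogServices/Journal.''',
)

option(
    'redfish-cpu-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable CPU log service transactions through Redfish. Paths
                    are under /redfish/v1/Systems/system/LogServices/Crashdump.''',
)

option(
    'redfish-dump-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Dump log service transactions through Redfish. Paths
                    are under /redfish/v1/Systems/system/LogServices/Dump
                    and /redfish/v1/Managers/bmc/LogServices/Dump''',
)

option(
    'redfish-dbus-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable DBUS log service transactions through Redfish. Paths
                    are under
                    /redfish/v1/Systems/system/LogServices/EventLog/Entries''',
)

option(
    'redfish-host-logger',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host log service transactions based on
                    phosphor-hostlogger through Redfish. Paths are under
                    /redfish/v1/Systems/system/LogServices/HostLogger''',
)

option(
    'redfish-provisioning-feature',
    type: 'feature',
    value: 'disabled',
    description: '''Enable provisioning feature support in redfish. Paths are
                    under /redfish/v1/Systems/system/''',
)

option(
    'redfish-manager-uri-name',
    type: 'string',
    value: 'bmc',
    description: '''The static Redfish Manager ID representing the BMC
                    instance. This option will appear in the Redfish tree at
                    /redfish/v1/Managers/<redfish-manager-uri-name>.
                    Defaults to \'bmc\' which resolves to
                    /redfish/v1/Managers/bmc''',
)

option(
    'redfish-system-uri-name',
    type: 'string',
    value: 'system',
    description: '''The static Redfish System ID representing the host
                    instance. This option will appear in the Redfish tree at
                    /redfish/v1/Systems/<redfish-system-uri-name>.
                    Defaults to \'system\' which resolves to
                    /redfish/v1/Systems/system''',
)

option(
    'bmcweb-logging',
    type: 'combo',
    choices: ['disabled', 'enabled', 'debug', 'info', 'warning', 'error', 'critical'],
    value: 'error',
    description: '''Enable output the extended logging level.
                    - disabled: disable bmcweb log traces.
                    - enabled: treated as 'debug'
                    - For the other logging level option, see DEVELOPING.md.''',
)

# Authentication methods. The four credential-based methods below and mutual
# TLS all default to 'enabled'; a deployment that needs only some of them can
# disable the rest at build time. Basic authentication sends the credential
# with every request, so it depends entirely on TLS being in place (see
# insecure-disable-ssl).
option(
    'basic-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable basic authentication',
)

option(
    'session-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable session authentication',
)

option(
    'xtoken-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable xtoken authentication',
)

option(
    'cookie-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable cookie authentication',
)

option(
    'mutual-tls-auth',
    type: 'feature',
    value: 'enabled',
    description: '''Enables authenticating users through TLS client
                    certificates. The insecure-disable-ssl must be disabled for
                    this option to take effect.''',
)

# With 'username' the certificate's Subject CN is taken as the BMC username,
# so every CA trusted for client certificates can vouch for any account name;
# keep that trust store minimal.
option(
    'mutual-tls-common-name-parsing',
    type: 'combo',
    choices: ['username', 'meta'],
    value: 'username',
    description: '''Sets logic to map the Subject Common Name field to a user
                    in client TLS certificates.
                    - username: Use the Subject CN field as a BMC username
                                (default)
                    - meta:     Parses the Subject CN in the format used by
                                Meta Inc (see mutual_tls_meta.cpp for details)
                    ''',
)

option(
    'ibm-management-console',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the IBM management console specific functionality.
                    Paths are under /ibm/v1/''',
)

option(
    'google-api',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the Google specific functionality. Paths are under
                    /google/v1/''',
)

# NOTE(review): the description does not state the unit (presumably MiB;
# confirm against the code that consumes this value), and min: 0 is accepted
# without saying what 0 means. This limit bounds how much request data a
# client can make the server buffer, so both should be documented.
option(
    'http-body-limit',
    type: 'integer',
    min: 0,
    max: 512,
    value: 30,
    description: 'Specifies the http request body length limit',
)

option(
    'redfish-new-powersubsystem-thermalsubsystem',
    type: 'feature',
    value: 'enabled',
    description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
                    and all children schemas. This includes displaying all
                    sensors in the SensorCollection.''',
)

option(
    'redfish-allow-deprecated-power-thermal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable/disable the old Power / Thermal. The default
                    condition is allowing the old Power / Thermal. This
                    will be disabled by default June 2024. ''',
)

option(
    'redfish-oem-manager-fan-data',
    type: 'feature',
    value: 'enabled',
    description: '''Enables Redfish OEM fan data on the manager resource.
                    This includes PID and Stepwise controller data. See
                    OemManager schema for more detail.''',
)

# Temporary staging option for the firmware update path; the description
# itself says not to enable it on production systems.
option(
    'redfish-updateservice-use-dbus',
    type: 'feature',
    value: 'disabled',
    description: '''Enables xyz.openbmc_project.Software.Update D-Bus interface
                    to propagate UpdateService requests to the corresponding
                    updater daemons instead of moving files to /tmp/images dir.
                    This option is temporary, should not be enabled on any
                    production systems. The code will be moved to the normal
                    code update flow and the option will be removed at the end
                    of Q3 2024.
                    ''',
)

# NOTE(review): the only option in this file spelled with an underscore.
# Renaming it would break existing -Dhttps_port=<n> users, so it is kept.
option(
    'https_port',
    type: 'integer',
    min: 1,
    max: 65535,
    value: 443,
    description: 'HTTPS Port number.',
)

option(
    'dns-resolver',
    type: 'combo',
    choices: ['systemd-dbus', 'asio'],
    value: 'systemd-dbus',
    description: '''Sets which DNS resolver backend should be used.
                    systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
                    support. asio relies on boost::asio::tcp::resolver, but cannot resolve
                    names when boost threading is disabled.''',
)

option(
    'redfish-aggregation',
    type: 'feature',
    value: 'disabled',
    description: 'Allows this BMC to aggregate resources from satellite BMCs',
)

option(
    'experimental-redfish-multi-computer-system',
    type: 'feature',
    value: 'disabled',
    description: '''This is a temporary option flag for staging the
                    ComputerSystemCollection transition to multi-host. It, as well as the code
                    still beneath it will be removed on 9/1/2024. Do not enable in a
                    production environment, or where API stability is required.''',
)

option(
    'experimental-http2',
    type: 'feature',
    value: 'disabled',
    description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
                    on this option for any production systems. It may have
                    behavior changes or be removed at any time.''',
)

# Insecure options. No option whose name starts with `insecure-` should be
# enabled by default for any platform, unless the author fully comprehends
# the implications of doing so. In general, enabling these options will cause
# security problems of varying degrees.
#
# All of them are 'feature' options that default to 'disabled'; where a
# description below says "set to false", that corresponds to leaving the
# option at 'disabled'. Release pipelines can check the configured build
# options and fail when any insecure-* option is 'enabled'.

option(
    'insecure-disable-csrf',
    type: 'feature',
    value: 'disabled',
    description: '''Disable CSRF prevention checks. Should be set to false for
                    production systems.''',
)

# Serves without TLS: credentials used by the basic/session/cookie/xtoken
# methods then travel in cleartext, and mutual-tls-auth has no effect (per
# that option's description).
option(
    'insecure-disable-ssl',
    type: 'feature',
    value: 'disabled',
    description: '''Disable SSL ports. Should be set to false for production
                    systems.''',
)

option(
    'insecure-disable-auth',
    type: 'feature',
    value: 'disabled',
    description: '''Disable authentication and authorization on all ports.
                    Should be set to false for production systems.''',
)

# TFTP has no authentication, integrity protection or encryption, so a
# firmware image fetched this way is only as trustworthy as the network path
# unless it is verified independently (any such check is not visible here).
option(
    'insecure-tftp-update',
    type: 'feature',
    value: 'disabled',
    description: '''Enable TFTP based firmware update transactions through
                    Redfish UpdateService.SimpleUpdate.''',
)

option(
    'insecure-ignore-content-type',
    type: 'feature',
    value: 'disabled',
    description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
                    of the presence of the content-type header. Enabling this
                    conflicts with the input parsing guidelines, but may be
                    required to support old clients that may not set the
                    Content-Type header on payloads.''',
)

# NOTE(review): the description does not say why this is classed as insecure.
# Presumably it is because the BMC then initiates outbound HTTP requests to
# subscriber-supplied destinations. Confirm and state the reason here.
option(
    'insecure-push-style-notification',
    type: 'feature',
    value: 'disabled',
    description: 'Enable HTTP push style eventing feature',
)

option(
    'insecure-enable-redfish-query',
    type: 'feature',
    value: 'disabled',
    description: '''Enables Redfish expand query parameter. This feature is
                    experimental, and has not been tested against the full
                    limits of user-facing behavior. It is not recommended to
                    enable on production systems at this time. Other query
                    parameters such as only are not controlled by this option.''',
)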