diff options
Diffstat (limited to 'meson_options.txt')
-rw-r--r-- | meson_options.txt | 306 |
1 files changed, 272 insertions, 34 deletions
diff --git a/meson_options.txt b/meson_options.txt index 6bdb615be9..d943222a45 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -1,7 +1,33 @@ -option('yocto-deps', type: 'feature', value: 'disabled', description : 'Use YOCTO dependencies system') -option('kvm', type : 'feature',value : 'enabled', description : 'Enable the KVM host video WebSocket. Path is \'/kvm/0\'. Video is from the BMC\'s \'/dev/video\' device.') -option ('tests', type : 'feature', value : 'enabled', description : 'Enable Unit tests for bmcweb') -option('vm-websocket', type : 'feature', value : 'enabled', description : '''Enable the Virtual Media WebSocket. Path is \'/vm/0/0\'to open the websocket. See https://github.com/openbmc/jsnbd/blob/master/README.''') +option( + 'yocto-deps', + type: 'feature', + value: 'disabled', + description: 'Use YOCTO dependencies system' +) + +option( + 'kvm', + type: 'feature', + value: 'enabled', + description: '''Enable the KVM host video WebSocket. Path is /kvm/0. + Video is from the BMCs /dev/videodevice.''' +) + +option( + 'tests', + type: 'feature', + value: 'enabled', + description: 'Enable Unit tests for bmcweb' +) + +option( + 'vm-websocket', + type: 'feature', + value: 'enabled', + description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 to + open the websocket. See + https://github.com/openbmc/jsnbd/blob/master/README.''' +) # if you use this option and are seeing this comment, please comment here: # https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions @@ -9,39 +35,251 @@ option('vm-websocket', type : 'feature', value : 'enabled', description : '''Ena # this interface, so for the moment this appears to be dead code; In leiu of # removing it, it has been disabled to try to give those that use it the # opportunity to upstream their backend implementation -#option('vm-nbdproxy', type: 'feature', value : 'disabled', description : 'Enable the Virtual Media WebSocket.') -option('rest', type : 'feature', value : 'disabled', description : '''Enable Phosphor REST (D-Bus) APIs. Paths directly map Phosphor D-Bus object paths, for example, \'/xyz/openbmc_project/logging/entry/enumerate\'. See https://github.com/openbmc/docs/blob/master/rest-api.md.''') -option('redfish', type : 'feature',value : 'enabled', description: 'Enable Redfish APIs. Paths are under \'/redfish/v1/\'. See https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.') -option('host-serial-socket', type : 'feature', value : 'enabled', description : 'Enable host serial console WebSocket. Path is \'/console0\'. See https://github.com/openbmc/docs/blob/master/console.md.') -option('static-hosting', type : 'feature', value : 'enabled', description : 'Enable serving files from the \'/usr/share/www\' directory as paths under \'/\'.') -option('redfish-bmc-journal', type : 'feature', value : 'disabled', description : 'Enable BMC journal access through Redfish. Paths are under \'/redfish/v1/Managers/bmc/LogServices/Journal\'.') -option('redfish-cpu-log', type : 'feature', value : 'disabled', description : '''Enable CPU log service transactions through Redfish. Paths are under \'/redfish/v1/Systems/system/LogServices/Crashdump'.''') -option('redfish-dump-log', type : 'feature', value : 'disabled', description : 'Enable Dump log service transactions through Redfish. Paths are under \'/redfish/v1/Systems/system/LogServices/Dump\'and \'/redfish/v1/Managers/bmc/LogServices/Dump\'') -option('redfish-dbus-log', type : 'feature', value : 'disabled', description : 'Enable DBUS log service transactions through Redfish. Paths are under \'/redfish/v1/Systems/system/LogServices/EventLog/Entries\'') -option('redfish-host-logger', type : 'feature', value : 'enabled', description : 'Enable host log service transactions based on phosphor-hostlogger through Redfish. Paths are under \'/redfish/v1/Systems/system/LogServices/HostLogger\'') -option('redfish-provisioning-feature', type : 'feature', value : 'disabled', description : 'Enable provisioning feature support in redfish. Paths are under \'/redfish/v1/Systems/system/\'') -option('bmcweb-logging', type : 'feature', value : 'disabled', description : 'Enable output the extended debug logs') -option('basic-auth', type : 'feature', value : 'enabled', description : '''Enable basic authentication''') -option('session-auth', type : 'feature', value : 'enabled', description : '''Enable session authentication''') -option('xtoken-auth', type : 'feature', value : 'enabled', description : '''Enable xtoken authentication''') -option('cookie-auth', type : 'feature', value : 'enabled', description : '''Enable cookie authentication''') -option('mutual-tls-auth', type : 'feature', value : 'enabled', description : '''Enables authenticating users through TLS client certificates. The insecure-disable-ssl must be disabled for this option to take effect.''') -option('ibm-management-console', type : 'feature', value : 'disabled', description : 'Enable the IBM management console specific functionality. Paths are under \'/ibm/v1/\'') -option('google-api', type : 'feature', value : 'disabled', description : 'Enable the Google specific functionality. Paths are under \'/google/v1/\'') -option('http-body-limit', type: 'integer', min : 0, max : 512, value : 30, description : 'Specifies the http request body length limit') -option('redfish-new-powersubsystem-thermalsubsystem', type : 'feature', value : 'disabled', description : 'Enable/disable the new PowerSubsystem, ThermalSubsystem, and all children schemas. This includes displaying all sensors in the SensorCollection. At a later date, this feature will be defaulted to enabled.') -option('redfish-allow-deprecated-power-thermal', type : 'feature', value : 'enabled', description : 'Enable/disable the old Power / Thermal. The default condition is allowing the old Power / Thermal.') -option ('https_port', type : 'integer', min : 1, max : 65535, value : 443, description : 'HTTPS Port number.') +#option( +# 'vm-nbdproxy', +# type: 'feature', value: 'disabled', +# description: 'Enable the Virtual Media WebSocket.' +#) + +option( + 'rest', + type: 'feature', + value: 'disabled', + description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map + Phosphor D-Bus object paths, for example, + /xyz/openbmc_project/logging/entry/enumerate. See + https://github.com/openbmc/docs/blob/master/rest-api.md.''' +) + +option( + 'redfish', + type: 'feature', + value: 'enabled', + description: '''Enable Redfish APIs. Paths are under /redfish/v1/. See + https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.''' +) + +option( + 'host-serial-socket', + type: 'feature', + value: 'enabled', + description: '''Enable host serial console WebSocket. Path is /console0. + See https://github.com/openbmc/docs/blob/master/console.md.''' +) + +option( + 'static-hosting', + type: 'feature', + value: 'enabled', + description: '''Enable serving files from the /usr/share/www directory + as paths under /.''' +) + +option( + 'redfish-bmc-journal', + type: 'feature', + value: 'disabled', + description: '''Enable BMC journal access through Redfish. Paths are under + /redfish/v1/Managers/bmc/LogServices/Journal.''' +) + +option( + 'redfish-cpu-log', + type: 'feature', + value: 'disabled', + description: '''Enable CPU log service transactions through Redfish. Paths + are under /redfish/v1/Systems/system/LogServices/Crashdump'.''' +) + +option( + 'redfish-dump-log', + type: 'feature', + value: 'disabled', + description: '''Enable Dump log service transactions through Redfish. Paths + are under /redfish/v1/Systems/system/LogServices/Dump + and /redfish/v1/Managers/bmc/LogServices/Dump''' +) + +option( + 'redfish-dbus-log', + type: 'feature', + value: 'disabled', + description: '''Enable DBUS log service transactions through Redfish. Paths + are under + /redfish/v1/Systems/system/LogServices/EventLog/Entries''' +) + +option( + 'redfish-host-logger', + type: 'feature', + value: 'enabled', + description: '''Enable host log service transactions based on + phosphor-hostlogger through Redfish. Paths are under + /redfish/v1/Systems/system/LogServices/HostLogger''' +) + +option( + 'redfish-provisioning-feature', + type: 'feature', + value: 'disabled', + description: '''Enable provisioning feature support in redfish. Paths are + under /redfish/v1/Systems/system/''' +) + +option( + 'bmcweb-logging', + type: 'feature', + value: 'disabled', + description: 'Enable output the extended debug logs' +) + +option( + 'basic-auth', + type: 'feature', + value: 'enabled', + description: 'Enable basic authentication' +) + +option( + 'session-auth', + type: 'feature', + value: 'enabled', + description: 'Enable session authentication' +) + +option( + 'xtoken-auth', + type: 'feature', + value: 'enabled', + description: 'Enable xtoken authentication' +) + +option( + 'cookie-auth', + type: 'feature', + value: 'enabled', + description: 'Enable cookie authentication' +) + +option( + 'mutual-tls-auth', + type: 'feature', + value: 'enabled', + description: '''Enables authenticating users through TLS client + certificates. The insecure-disable-ssl must be disabled for + this option to take effect.''' +) + +option( + 'ibm-management-console', + type: 'feature', + value: 'disabled', + description: '''Enable the IBM management console specific functionality. + Paths are under /ibm/v1/''' +) + +option( + 'google-api', + type: 'feature', + value: 'disabled', + description: '''Enable the Google specific functionality. Paths are under + /google/v1/''' +) + +option( + 'http-body-limit', + type: 'integer', + min: 0, + max: 512, + value: 30, + description: 'Specifies the http request body length limit' +) + +option( + 'redfish-new-powersubsystem-thermalsubsystem', + type: 'feature', + value: 'disabled', + description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem, + and all children schemas. This includes displaying all + sensors in the SensorCollection. At a later date, this + feature will be defaulted to enabled.''' +) + +option( + 'redfish-allow-deprecated-power-thermal', + type: 'feature', + value: 'enabled', + description: '''Enable/disable the old Power / Thermal. The default + condition is allowing the old Power / Thermal.''' +) + +option( + 'https_port', + type: 'integer', + min: 1, + max: 65535, + value: 443, + description: 'HTTPS Port number.' +) # Insecure options. Every option that starts with a `insecure` flag should # not be enabled by default for any platform, unless the author fully comprehends # the implications of doing so.In general, enabling these options will cause security # problems of varying degrees -option ('insecure-disable-csrf', type : 'feature', value : 'disabled', description : 'Disable CSRF prevention checks.Should be set to false for production systems.') -option ('insecure-disable-ssl', type : 'feature', value : 'disabled', description : 'Disable SSL ports. Should be set to false for production systems.') -option ('insecure-disable-auth', type : 'feature', value : 'disabled', description : 'Disable authentication on all ports. Should be set to false for production systems') -option ('insecure-disable-xss', type : 'feature', value : 'disabled', description : 'Disable XSS preventions') -option ('insecure-tftp-update', type : 'feature', value : 'disabled', description : '''Enable TFTP based firmware update transactions through Redfish UpdateService.SimpleUpdate.''') -option ('insecure-push-style-notification',type : 'feature', value : 'disabled', description : 'Enable HTTP push style eventing feature') -option ('insecure-enable-redfish-query', type : 'feature', value : 'disabled', description : 'Enables Redfish expand query parameter. This feature is experimental, and has not been tested against the full limits of user-facing behavior. It is not recommended to enable on production systems at this time. Other query parameters such as only are not controlled by this option.') +option( + 'insecure-disable-csrf', + type: 'feature', + value: 'disabled', + description: '''Disable CSRF prevention checks.Should be set to false for + production systems.''' +) + +option( + 'insecure-disable-ssl', + type: 'feature', + value: 'disabled', + description: '''Disable SSL ports. Should be set to false for production + systems.''' +) + +option( + 'insecure-disable-auth', + type: 'feature', + value: 'disabled', + description: '''Disable authentication on all ports. Should be set to false + for production systems''' +) + +option( + 'insecure-disable-xss', + type: 'feature', + value: 'disabled', + description: 'Disable XSS preventions' +) + +option( + 'insecure-tftp-update', + type: 'feature', + value: 'disabled', + description: '''Enable TFTP based firmware update transactions through + Redfish UpdateService. SimpleUpdate.''' +) + +option( + 'insecure-push-style-notification', + type: 'feature', + value: 'disabled', + description: 'Enable HTTP push style eventing feature' +) + +option( + 'insecure-enable-redfish-query', + type: 'feature', + value: 'disabled', + description: '''Enables Redfish expand query parameter. This feature is + experimental, and has not been tested against the full + limits of user-facing behavior. It is not recommended to + enable on production systems at this time. Other query + parameters such as only are not controlled by this option.''' +) |