feat: golden-image build support (cloud-init on EL, selinux relabel, SSH wait)

2026-05-27 05:05:55 +02:00
parent 2c35409519
commit 939c5c741f
5 changed files with 34 additions and 0 deletions
--- a/roles/global_defaults/defaults/main.yml
+++ b/roles/global_defaults/defaults/main.yml
@@ -58,6 +58,8 @@ system_defaults:
  version: ""
  filesystem: "ext4"
  name: ""
+  # consumed by the golden produce/deploy wrappers, not the bootstrap itself
+  source: ""
  id: ""
  cpus: 0
  memory: 0 # MiB
@@ -101,6 +103,10 @@ system_defaults:
    bits: 512
    pbkdf: "argon2id"
  features:
+    # Bake cloud-init for the deterministic clone-deploy golden path; off by
+    # default (ansible-direct everywhere, smaller image). Package name is
+    # uniform across families.
+    cloud_init: false
    cis:
      enabled: false
      profile: default # default|l1|l2 (default = current house behaviour)