veza/ansible/playbooks/00-bootstrap-local.yml

---
# Bootstrap localhost for Veza V5 Ultra deployment testing
# Ensures python3, sudo, and essential tools are available

- name: Bootstrap localhost for Veza deployment testing
  hosts: edge
  gather_facts: false
  become: false
  connection: local

  pre_tasks:
    - name: Install essential packages (Fedora)
      dnf:
        name:
          - python3
          - python3-pip
          - sudo
          - curl
          - gnupg2
          - net-tools
          - ca-certificates
          - wget
          - unzip
          - git
          - vim
          - htop
          - iotop
          - nethogs
          - snapd
          - zfs
          - lxd-tools
          - bridge-utils
          - dnsmasq
          - openvswitch
          - openvswitch-ovn-central
          - openvswitch-ovn-host
          - openvswitch-ovn-common
          - firewalld
        state: present
        use_backend: dnf4

    - name: Ensure python3 is available
      command: which python3
      register: python3_check
      failed_when: false

    - name: Create symlink for python if needed
      file:
        src: /usr/bin/python3
        dest: /usr/bin/python
        state: link
      when: python3_check.rc != 0

    - name: Install Python packages for Ansible
      pip:
        name:
          - ansible-core
          - docker
          - requests
          - urllib3
        state: present

    - name: Ensure snapd service is enabled
      systemd:
        name: snapd
        state: started
        enabled: true

    - name: Enable and start OpenVSwitch
      systemd:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - openvswitch-switch
        - ovn-northd
        - ovn-controller

    - name: Start and enable firewalld
      systemd:
        name: firewalld
        state: started
        enabled: true

    - name: Configure firewall for Veza ports
      command: firewall-cmd --permanent --add-port={{ item }}/tcp
      loop:
        - "22"    # SSH
        - "80"    # HTTP
        - "443"   # HTTPS
        - "8080"  # Backend API
        - "8081"  # Chat WebSocket
        - "8082"  # Stream HLS
      register: firewall_result
      failed_when: false

    - name: Reload firewall rules
      command: firewall-cmd --reload
      register: firewall_reload_result
      failed_when: false

  post_tasks:
    - name: Test connectivity
      ping:
BASE: completing the initial repo state 2025-12-03 21:56:50 +00:00			`---`
			`# Bootstrap localhost for Veza V5 Ultra deployment testing`
			`# Ensures python3, sudo, and essential tools are available`

			`- name: Bootstrap localhost for Veza deployment testing`
			`hosts: edge`
			`gather_facts: false`
			`become: false`
			`connection: local`

			`pre_tasks:`
			`- name: Install essential packages (Fedora)`
			`dnf:`
			`name:`
			`- python3`
			`- python3-pip`
			`- sudo`
			`- curl`
			`- gnupg2`
			`- net-tools`
			`- ca-certificates`
			`- wget`
			`- unzip`
			`- git`
			`- vim`
			`- htop`
			`- iotop`
			`- nethogs`
			`- snapd`
			`- zfs`
			`- lxd-tools`
			`- bridge-utils`
			`- dnsmasq`
			`- openvswitch`
			`- openvswitch-ovn-central`
			`- openvswitch-ovn-host`
			`- openvswitch-ovn-common`
			`- firewalld`
			`state: present`
			`use_backend: dnf4`

			`- name: Ensure python3 is available`
			`command: which python3`
			`register: python3_check`
			`failed_when: false`

			`- name: Create symlink for python if needed`
			`file:`
			`src: /usr/bin/python3`
			`dest: /usr/bin/python`
			`state: link`
			`when: python3_check.rc != 0`

			`- name: Install Python packages for Ansible`
			`pip:`
			`name:`
			`- ansible-core`
			`- docker`
			`- requests`
			`- urllib3`
			`state: present`

			`- name: Ensure snapd service is enabled`
			`systemd:`
			`name: snapd`
			`state: started`
			`enabled: true`

			`- name: Enable and start OpenVSwitch`
			`systemd:`
			`name: "{{ item }}"`
			`state: started`
			`enabled: true`
			`loop:`
			`- openvswitch-switch`
			`- ovn-northd`
			`- ovn-controller`

			`- name: Start and enable firewalld`
			`systemd:`
			`name: firewalld`
			`state: started`
			`enabled: true`

			`- name: Configure firewall for Veza ports`
			`command: firewall-cmd --permanent --add-port={{ item }}/tcp`
			`loop:`
			`- "22" # SSH`
			`- "80" # HTTP`
			`- "443" # HTTPS`
			`- "8080" # Backend API`
			`- "8081" # Chat WebSocket`
			`- "8082" # Stream HLS`
			`register: firewall_result`
			`failed_when: false`

			`- name: Reload firewall rules`
			`command: firewall-cmd --reload`
			`register: firewall_reload_result`
			`failed_when: false`

			`post_tasks:`
			`- name: Test connectivity`
			`ping:`