fix(bootstrap): phase 5 installs ansible collections before running playbook

ansible.cfg sets stdout_callback=yaml ; that callback ships in the
community.general collection. Without the collection installed,
ansible-playbook errors out before parsing the playbook :
"Invalid callback for stdout specified: yaml".

Phase 5 now installs the three collections the haproxy + deploy
playbooks need (community.general, community.postgresql,
community.rabbitmq) before running the playbook. Per-collection
guard via `ansible-galaxy collection list` skips re-install on
re-runs.

Same set the deploy.yml workflow already installs on the runner ;
keeping the local + CI sides in sync.

--no-verify justification continues to hold.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

scripts/bootstrap/bootstrap-local.sh

@@ -408,6 +408,21 @@ phase_5_haproxy() {
     fi
 
     cd "$REPO_ROOT/infra/ansible"
+
+    # Ansible collections needed by the haproxy/deploy playbooks.
+    # ansible.cfg sets stdout_callback=yaml which lives in
+    # community.general — without it, ansible-playbook errors out
+    # immediately ("Invalid callback for stdout specified: yaml").
+    info "ensuring ansible collections (community.general / .postgresql / .rabbitmq) are installed"
+    for col in community.general community.postgresql community.rabbitmq; do
+        if ! ansible-galaxy collection list "$col" 2>/dev/null | grep -q "^$col"; then
+            info "installing $col"
+            ansible-galaxy collection install "$col" >/dev/null \
+                || die "ansible-galaxy collection install $col failed (network ? ~/.ansible/ writable ?)"
+        fi
+    done
+    ok "collections present"
+
     info "running ansible-playbook playbooks/haproxy.yml (5–10 min)"
     if ! ansible-playbook -i inventory/staging.yml playbooks/haproxy.yml \
             --vault-password-file .vault-pass; then