diff --git a/playbooks/configure.yaml b/playbooks/configure.yaml
new file mode 100644
index 0000000..9e8df61
--- /dev/null
+++ b/playbooks/configure.yaml
@@ -0,0 +1,23 @@
+---
+- name: Group hosts by platform
+  hosts: all
+  tags:
+    - always
+  pre_tasks:
+    - include_tasks: tasks/meta/runtime-group-determination.yaml
+
+
+- name: Bootstrap remote ansible environment
+  hosts: linux
+  gather_facts: false
+  tags:
+    - always
+  tasks:
+    - include_tasks: tasks/meta/bootstrap-remote-env.yaml
+
+- name: Configure hosts by role
+  hosts: linux
+  gather_facts: false
+  roles:
+    - role: server
+      when: "'server' in skylab_roles | default([])"
diff --git a/tasks/meta/bootstrap-remote-env.yaml b/tasks/meta/bootstrap-remote-env.yaml
new file mode 100644
index 0000000..95c812f
--- /dev/null
+++ b/tasks/meta/bootstrap-remote-env.yaml
@@ -0,0 +1,45 @@
+---
+- name: Install CentOS 8 python bindings
+  when: ansible_distribution == "Rocky"
+  become: true
+  ansible.builtin.dnf:
+    state: present
+    name:
+      - python3-libselinux
+      - python3-policycoreutils
+      - python3-firewall
+
+- name: Create state directory
+  become: true
+  ansible.builtin.file:
+    path: "{{ skylab_state_dir }}"
+    state: directory
+    owner: "{{ ansible_user }}"
+    group: "{{ ansible_user }}"
+    mode: 0755
+
+- name: Create bootstrap virtualenv
+  ansible.builtin.command:
+    cmd: "{{ ansible_python_interpeter | default(discovered_interpreter_python) }} -m venv {{ skylab_ansible_venv }} --system-site-packages"
+    creates: "{{ skylab_ansible_venv }}/bin/python"
+
+- name: Pin bootstrap virtualenv pip
+  ansible.builtin.pip:
+    executable: "{{ skylab_ansible_venv }}/bin/pip"
+    name: pip
+    state: present
+    version: "{{ skylab_pip_version }}"
+
+- name: Copy requirements file to remote
+  ansible.builtin.copy:
+    src: remote-requirements.txt
+    dest: "{{ skylab_ansible_venv }}/requirements.txt"
+    owner: "{{ ansible_user }}"
+    group: "{{ ansible_user }}"
+    mode: 0644
+
+- name: Install remote requirements
+  ansible.builtin.pip:
+    executable: "{{ skylab_ansible_venv }}/bin/pip"
+    requirements: "{{ skylab_ansible_venv }}/requirements.txt"
+    state: present