updated config validation to be more verbose

tasks/debian/letsencrypt/cert.yml

@@ -16,6 +16,15 @@
       - le_cert.key_size in CERT_HC.options.key_size.cert
       - le_cert.domains | length > 0
       - le_cert.email | validate_email or CERT_CONFIG.cert.email | validate_email
+  ignore_errors: true
+  register: le_cnf_check
+
+- name: "Certificates | Debian | LetsEncrypt Certbot | {{ le_name }} | Invalid config"
+  ansible.builtin.fail:
+    msg: "LetsEncrypt-CONFIG: {{ CERT_CONFIG.letsencrypt }} | {{ le_cert }}"
+  when:
+    - le_cnf_check.failed is defined
+    - le_cnf_check.failed
 
 - name: "Certificates | Debian | LetsEncrypt Certbot | {{ le_name }} | Creating directory"
   ansible.builtin.file:

tasks/internal/ca_minimal.yml

@@ -7,6 +7,15 @@
     that:
       - config_ca.ca.key_size in CERT_HC.options.key_size.ca
       - config_ca.ca.email | default(none, true) is none or config_ca.ca.email | validate_email
+  ignore_errors: true
+  register: ca_cnf_check
+
+- name: Certificates | Internal | Minimal CA | Invalid config
+  ansible.builtin.fail:
+    msg: "CA-CONFIG: {{ config_ca }}"
+  when:
+    - ca_cnf_check.failed is defined
+    - ca_cnf_check.failed
 
 - name: Certificates | Internal | Minimal CA | Creating ca directory
   ansible.builtin.file:

tasks/internal/cert.yml

@@ -5,6 +5,15 @@
     that:
       - config_cert.cert.key_size in CERT_HC.options.key_size.cert
       - config_cert.cert.email | default(none, true) is none or config_cert.cert.email | validate_email
+  ignore_errors: true
+  register: crt_cnf_check
+
+- name: Certificates | Internal | Minimal CA | Invalid config
+  ansible.builtin.fail:
+    msg: "CERT-CONFIG: {{ config_cert }}"
+  when:
+    - crt_cnf_check.failed is defined
+    - crt_cnf_check.failed
 
 - name: Certificates | Internal | Cert | Generate private key (encrypted)
   community.crypto.openssl_privatekey: