- name: validate mandatory parameters fail: msg: some mandatory parameters in cert variable are missing or invalid when: (cert is not defined) or (cert is not mapping) or (cert.key is not string) or (cert.cert is not string) - name: validate optional parameters fail: msg: some optional parameters in cert variable are missing or invalid when: ((cert.ca is defined) and (cert.ca is not string)) or ((cert.id is defined) and (cert.id is not string)) or ((cert.ecc is defined) and (cert.ecc is not boolean)) or ((cert.fqdn is defined) and (cert.fqdn is not string)) or ((cert.tld is defined) and (cert.tld is not string)) or ((cert.hostname is defined) and (cert.hostname is not string)) or ((cert.hosts is defined) and (cert.hosts | type_debug != 'list')) or ((cert.tld is defined) and (cert.tld is not string)) or ((cert.stapling is defined) and (cert.stapling is not boolean)) or ((cert.post_hook is defined) and (cert.post_hook is not string)) or ((cert.notify is defined) and (cert.notify is not string)) or ((cert.owner is defined) and (cert.owner is not string)) or ((cert.group is defined) and (cert.group is not string)) - name: validate parameter combinations fail: msg: parameters are defined in an invalid combination when: ((cert.fqdn is defined) and (cert.hosts is defined)) or ((cert.tld is defined) and (cert.hosts is defined)) or ((cert.hostname is defined) and (cert.hosts is defined)) or ((cert.fqdn is defined) and (cert.tld is defined)) or ((cert.fqdn is defined) and (cert.hostname is defined)) - name: validate hosts fail: msg: host parameters are invalid or are defined in an invalid combination when: ((host.fqdn is defined) and (host.fqdn is not string)) or ((host.tld is defined) and (host.tld is not string)) or ((host.hostname is defined) and (host.hostname is not string)) or ((host.fqdn is defined) and (host.tld is defined)) or ((host.fqdn is defined) and (host.hostname is defined)) loop: "{{ cert.hosts }}" loop_control: loop_var: host