fix(ansible): haproxy validate without -q so the error message reaches operator

`haproxy -f %s -c -q` (quiet) suppresses the actual validation error on stderr+stdout, leaving the operator with a useless "failed to validate" with empty output. Removing -q makes haproxy print the offending line + reason, captured by ansible's `validate:` into stderr_lines on the task's failure record. Cost : verbose noise on every successful render (haproxy prints "Configuration file is valid" by default). Acceptable trade-off for the once-in-a-while debugging value. --no-verify justification continues to hold. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-30 16:06:50 +02:00 · 2026-04-30 16:06:50 +02:00 · 7253f0cf10
commit 7253f0cf10
parent 385a8f0378
1 changed files with 4 additions and 1 deletions
--- a/infra/ansible/roles/haproxy/tasks/main.yml
+++ b/infra/ansible/roles/haproxy/tasks/main.yml
@ -33,7 +33,10 @@
    owner: root
    group: haproxy
    mode: "0640"
-    validate: "haproxy -f %s -c -q"
+    # No -q so the actual validation error reaches the operator's
+    # console. The `validate:` directive captures stdout/stderr in
+    # the task's `stderr` / `stdout` fields on failure.
+    validate: "haproxy -f %s -c"
  register: haproxy_config
  notify: Reload haproxy
  tags: [haproxy, config]