diff --git a/roles/certbot/templates/certbot.container b/roles/certbot/templates/certbot.container index 90d03de..5765e24 100644 --- a/roles/certbot/templates/certbot.container +++ b/roles/certbot/templates/certbot.container @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=Certbot renewal diff --git a/roles/certbot/templates/certbot.timer b/roles/certbot/templates/certbot.timer index 2e7f6c7..645a153 100644 --- a/roles/certbot/templates/certbot.timer +++ b/roles/certbot/templates/certbot.timer @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=Run certbot once a week diff --git a/roles/certbot/templates/cli.ini b/roles/certbot/templates/cli.ini index 53037c3..63a9734 100644 --- a/roles/certbot/templates/cli.ini +++ b/roles/certbot/templates/cli.ini @@ -1,3 +1,5 @@ +; {{ ansible_managed }} + email = {{ certbot_email }} agree-tos = true diff --git a/roles/certbot/templates/porkbun.ini b/roles/certbot/templates/porkbun.ini index 1a12a46..b9c81f0 100644 --- a/roles/certbot/templates/porkbun.ini +++ b/roles/certbot/templates/porkbun.ini @@ -1,2 +1,4 @@ +; {{ ansible_managed }} + dns_porkbun_key={{ porkbun_apikey }} dns_porkbun_secret={{ porkbun_secretapikey }} diff --git a/roles/cockpit/templates/cockpit.conf b/roles/cockpit/templates/cockpit.conf index 710c26c..2474cec 100644 --- a/roles/cockpit/templates/cockpit.conf +++ b/roles/cockpit/templates/cockpit.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [WebService] Origins = https://cockpit.{{ host_fqdn }} wss://cockpit.{{ host_fqdn }} ProtocolHeader = X-Forwarded-Proto diff --git a/roles/ddns/templates/ddns.container b/roles/ddns/templates/ddns.container index 4cb89b0..2d0ee27 100644 --- a/roles/ddns/templates/ddns.container +++ b/roles/ddns/templates/ddns.container @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=DDNS Update diff --git a/roles/ddns/templates/ddns.ini b/roles/ddns/templates/ddns.ini index 8b30ddb..a1ff419 100644 --- a/roles/ddns/templates/ddns.ini +++ b/roles/ddns/templates/ddns.ini @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + DOMAIN={{ ddns_domain }} SUBDOMAINS={{ ','.join(ddns_subdomains) }} APIKEY={{ porkbun_apikey }} diff --git a/roles/forgejo/templates/forgejo.container b/roles/forgejo/templates/forgejo.container index f003a5f..6603318 100644 --- a/roles/forgejo/templates/forgejo.container +++ b/roles/forgejo/templates/forgejo.container @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=Forgejo diff --git a/roles/forgejo/templates/forgejo.network b/roles/forgejo/templates/forgejo.network index 3c1d111..40d5cb5 100644 --- a/roles/forgejo/templates/forgejo.network +++ b/roles/forgejo/templates/forgejo.network @@ -1,2 +1,4 @@ +# {{ ansible_managed }} + [Network] NetworkName=forgejo diff --git a/roles/forgejo/templates/forgejo.volume b/roles/forgejo/templates/forgejo.volume index 38b2d8a..7774ffe 100644 --- a/roles/forgejo/templates/forgejo.volume +++ b/roles/forgejo/templates/forgejo.volume @@ -1,2 +1,4 @@ +# {{ ansible_managed }} + [Volume] VolumeName=forgejo-data diff --git a/roles/nginx/files/nginx.conf b/roles/nginx/files/nginx.conf index fc92e15..d0d9e27 100644 --- a/roles/nginx/files/nginx.conf +++ b/roles/nginx/files/nginx.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ diff --git a/roles/nginx/files/proxy.conf b/roles/nginx/files/proxy.conf index d70928d..91c971d 100644 --- a/roles/nginx/files/proxy.conf +++ b/roles/nginx/files/proxy.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/roles/nginx/templates/http.conf b/roles/nginx/templates/http.conf index 6b02cb8..113c47e 100644 --- a/roles/nginx/templates/http.conf +++ b/roles/nginx/templates/http.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' diff --git a/roles/nginx/templates/me.conf b/roles/nginx/templates/me.conf index 192d437..313df5f 100644 --- a/roles/nginx/templates/me.conf +++ b/roles/nginx/templates/me.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + server { include ssl.conf; include fastcgi.conf; diff --git a/roles/nginx/templates/reverse_proxy.conf b/roles/nginx/templates/reverse_proxy.conf index 74694ae..d6a2706 100644 --- a/roles/nginx/templates/reverse_proxy.conf +++ b/roles/nginx/templates/reverse_proxy.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + upstream {{ proxy_domain }} { server {{ proxy_upstream }}; } diff --git a/roles/nginx/templates/ssl.conf b/roles/nginx/templates/ssl.conf index 843e4ea..854d127 100644 --- a/roles/nginx/templates/ssl.conf +++ b/roles/nginx/templates/ssl.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + listen 443 ssl http2; ssl_certificate /etc/letsencrypt/live/{{ nginx_certname }}/fullchain.pem; diff --git a/roles/sshd/files/10-ca.conf b/roles/sshd/files/10-ca.conf index 3ebd8f9..cc3a88e 100644 --- a/roles/sshd/files/10-ca.conf +++ b/roles/sshd/files/10-ca.conf @@ -1 +1,3 @@ +# {{ ansible_managed }} + TrustedUserCAKeys /etc/ssh/sshd_config.d/trusted-user-ca-keys.pem diff --git a/roles/sshd/templates/10-harden.conf b/roles/sshd/templates/10-harden.conf index 1b24217..d1a8d08 100644 --- a/roles/sshd/templates/10-harden.conf +++ b/roles/sshd/templates/10-harden.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + # Port Port {{ sshd_port }} diff --git a/roles/sshd/templates/10-signed-host-key.conf b/roles/sshd/templates/10-signed-host-key.conf index 64caebd..44fe26f 100644 --- a/roles/sshd/templates/10-signed-host-key.conf +++ b/roles/sshd/templates/10-signed-host-key.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + HostCertificate /etc/ssh/sshd_config.d/ssh_host_rsa_key-cert.pub HostCertificate /etc/ssh/sshd_config.d/ssh_host_ecdsa_key-cert.pub HostCertificate /etc/ssh/sshd_config.d/ssh_host_ed25519_key-cert.pub diff --git a/roles/thelounge/templates/thelounge.container b/roles/thelounge/templates/thelounge.container index 9effd08..cf3115e 100644 --- a/roles/thelounge/templates/thelounge.container +++ b/roles/thelounge/templates/thelounge.container @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=The Lounge diff --git a/roles/thelounge/templates/thelounge.volume b/roles/thelounge/templates/thelounge.volume index ac04b1e..266ffe6 100644 --- a/roles/thelounge/templates/thelounge.volume +++ b/roles/thelounge/templates/thelounge.volume @@ -1,2 +1,4 @@ +# {{ ansible_managed }} + [Volume] VolumeName=thelounge-data diff --git a/roles/tmpfiles/templates/user.conf b/roles/tmpfiles/templates/user.conf index 6b4215e..1780c92 100644 --- a/roles/tmpfiles/templates/user.conf +++ b/roles/tmpfiles/templates/user.conf @@ -1 +1,3 @@ +# {{ ansible_managed }} + d /var/tmp/{{ target_user }} 0740 {{ target_user }} {{ target_group }} {{ tmpfiles_retention }} diff --git a/roles/vaultwarden/templates/vaultwarden.container b/roles/vaultwarden/templates/vaultwarden.container index a8e7729..8b720d4 100644 --- a/roles/vaultwarden/templates/vaultwarden.container +++ b/roles/vaultwarden/templates/vaultwarden.container @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Unit] Description=Vaultwarden diff --git a/roles/vaultwarden/templates/vaultwarden.ini b/roles/vaultwarden/templates/vaultwarden.ini index 44fdd36..c5f3f85 100644 --- a/roles/vaultwarden/templates/vaultwarden.ini +++ b/roles/vaultwarden/templates/vaultwarden.ini @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + DATABASE_URL=postgresql://{{ vaultwarden_db_user }}:{{ vaultwarden_db_pass | urlencode }}@{{ vaultwarden_db_host }}/{{ vaultwarden_db_name }} DOMAIN=https://{{ vaultwarden_address }} diff --git a/roles/vaultwarden/templates/vaultwarden.network b/roles/vaultwarden/templates/vaultwarden.network index 5d4e868..287df04 100644 --- a/roles/vaultwarden/templates/vaultwarden.network +++ b/roles/vaultwarden/templates/vaultwarden.network @@ -1,2 +1,4 @@ +# {{ ansible_managed }} + [Network] NetworkName=vaultwarden diff --git a/roles/vaultwarden/templates/vaultwarden.volume b/roles/vaultwarden/templates/vaultwarden.volume index 9158846..9cac133 100644 --- a/roles/vaultwarden/templates/vaultwarden.volume +++ b/roles/vaultwarden/templates/vaultwarden.volume @@ -1,2 +1,4 @@ +# {{ ansible_managed }} + [Volume] VolumeName=vaultwarden-data diff --git a/roles/wg/templates/wg.conf b/roles/wg/templates/wg.conf index d7c6c09..36ce155 100644 --- a/roles/wg/templates/wg.conf +++ b/roles/wg/templates/wg.conf @@ -1,3 +1,5 @@ +# {{ ansible_managed }} + [Interface] # Assign the static IP Address = {{ address }}