Tiny templates changes related to the latest release of Ansible

ansible.cfg

@@ -211,7 +211,7 @@ callback_plugins   = 3rdparty/kolter-playbooks/3rdparty/ansible-callback-condens
 # by default callbacks are not loaded for /bin/ansible, enable this if you
 # want, for example, a notification or logging callback to also apply to
 # /bin/ansible runs
-#bin_ansible_callbacks = False
+bin_ansible_callbacks = True
 
 
 # don't like cows?  that's unfortunate.

roles/common/templates/aliases.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 #
 # Common aliases

roles/common/templates/apt/apt-nopdiffs.j2

@@ -1,5 +1,6 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 Acquire::Pdiffs "false";

roles/common/templates/apt/apt-norecommends.j2

@@ -1,6 +1,7 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 APT::Install-Recommends "false";
 APT::Install-Suggests "false";

roles/common/templates/apt/apt-progressbar.j2

@@ -1,5 +1,6 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 Dpkg::Progress-Fancy "1";

roles/common/templates/apt/auto-upgrades.buster.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";
@@ -24,4 +25,3 @@ Unattended-Upgrade::Origins-Pattern {
 {% endfor %}
 {% endif %}
 };
-

roles/common/templates/apt/auto-upgrades.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/auto-upgrades.jessie.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/auto-upgrades.sid.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/auto-upgrades.squeeze.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/auto-upgrades.stretch.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/auto-upgrades.wheezy.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 
 APT::Periodic::Update-Package-Lists "1";
 APT::Periodic::Unattended-Upgrade "1";

roles/common/templates/apt/sources.buster.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb {{ debian_mirror }}/debian buster main contrib non-free
 #deb-src {{ debian_mirror }}/debian buster main contrib non-free
 

roles/common/templates/apt/sources.jessie.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb {{ debian_mirror }}/debian jessie main contrib non-free
 #deb-src {{ debian_mirror }}/debian jessie main contrib non-free
 

roles/common/templates/apt/sources.lenny.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb http://archive.debian.org/debian lenny main contrib non-free
 #deb-src http://archive.debian.org/debian lenny main contrib non-free
 

roles/common/templates/apt/sources.sid.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb {{ debian_mirror }}/debian sid main contrib non-free
 deb-src {{ debian_mirror }}/debian sid main contrib non-free
 

roles/common/templates/apt/sources.squeeze.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb http://archive.debian.org/debian squeeze main contrib non-free
 #deb-src http://archive.debian.org/debian squeeze main contrib non-free
 

roles/common/templates/apt/sources.stretch.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb {{ debian_mirror }}/debian stretch main contrib non-free
 #deb-src {{ debian_mirror }}/debian stretch main contrib non-free
 

roles/common/templates/apt/sources.wheezy.list.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 deb http://archive.debian.org/debian wheezy main contrib non-free
 #deb-src http://archive.debian.org/debian wheezy main contrib non-free
 

roles/common/templates/chkrootkit/chkrootkit.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 RUN_DAILY="false"
 RUN_DAILY_OPTS="-q"
 DIFF_MODE="false"

roles/common/templates/cron/letsencrypt.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # /etc/cron.d/letsencrypt-local:
 # Sign/renew non-existant/changed/expiring certificates generated with Let's
 # Encrypt

roles/common/templates/cron/logcheck.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # /etc/cron.d/logcheck: crontab entries for the logcheck package
 
 PATH=/bin:/sbin:/usr/bin:/usr/sbin

roles/common/templates/dehydrated/config_hooks.sh.j2

@@ -1,6 +1,7 @@
-{% if ansible_prolog %}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
 {% endif %}
 
 #

roles/common/templates/dehydrated/domains.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if ssl_certs_auto|length > 0 %}
 {% for d in ssl_certs_auto %}
 {{ d }}

roles/common/templates/dehydrated/hook.sh.j2

@@ -1,7 +1,8 @@
 #!/bin/sh
-{% if ansible_prolog %}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
 {% endif %}
 
 hooks_dir="$(dirname "$(readlink -f "${0}")")/hooks"

roles/common/templates/dehydrated/hooks/apache2.sh.j2

@@ -1,7 +1,8 @@
 #!/usr/bin/env bash
-{% if ansible_prolog %}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
 {% endif %}
 
 deploy_challenge() {

roles/common/templates/dehydrated/hooks/nginx.sh.j2

@@ -1,7 +1,8 @@
 #!/usr/bin/env bash
-{% if ansible_prolog %}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
 {% endif %}
 
 deploy_challenge() {

roles/common/templates/dns/resolv.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if with_dnscache|bool %}
 nameserver 127.0.0.1
 {% endif %}

roles/common/templates/ferm/ferm.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 #  Configuration file for ferm(1).
 #

roles/common/templates/hosts.deny.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
 #                  See the manual pages hosts_access(5) and hosts_options(5).
 #

roles/common/templates/hosts.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 127.0.0.1 localhost.localdomain localhost
 {% if hosts_fqdn and ansible_default_ipv4.address is defined %}

roles/common/templates/kernel/sysfs.d/00-sysfs-prolog.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # /etc/sysfs.conf - Configuration file for setting sysfs attributes.
 #

roles/common/templates/kernel/sysfs.d/10-disks.conf.j2

@@ -7,7 +7,7 @@ block/{{ disk }}/queue/scheduler = none
 {% endfor %}
 {% endif %}
 {% if sysfs_disk_settings %}
-{% for disk in ansible_devices -%}
+{% for disk in ansible_devices %}
 {% for key in sysfs_disk_settings %}
 block/{{ disk }}/{{ key }} = {{ sysfs_disk_settings[key] }}
 {% endfor %}

roles/common/templates/logrotate/rsyslog.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 /var/log/syslog
 /var/log/daemon.log

roles/common/templates/opendkim/InternalHosts.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 127.0.0.1
 ::1
 {% if dkim_internal_hosts is defined %}

roles/common/templates/opendkim/KeyTable.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% for domain in dkim_domains %}
 {{ dkim_selector }}._domainkey.{{ domain }} {{ domain }}:{{ dkim_selector }}:/etc/opendkim/{{ domain }}_{{ dkim_selector }}.pem
 {% endfor %}

roles/common/templates/opendkim/SigningTable.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% for domain in dkim_domains %}
 *@{{ domain }} {{ dkim_selector }}._domainkey.{{ domain }}
 {% endfor %}

roles/common/templates/opendkim/opendkim.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 ##
 ## opendkim.conf -- configuration file for OpenDKIM filter
 ##

roles/common/templates/opendkim/opendkim.service.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 [Unit]
 Description=OpenDKIM DomainKeys Identified Mail (DKIM) Milter
 Documentation=man:opendkim(8) man:opendkim.conf(5) man:opendkim-genkey(8) man:opendkim-genzone(8) man:opendkim-testadsp(8) man:opendkim-testkey http://www.opendkim.org/docs.html

roles/common/templates/postfix/main.cf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 # See /usr/share/postfix/main.cf.dist for a commented, more complete version
 

roles/common/templates/postfix/sasl_credentials.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if postfix_external_smtp_credentials %}
 {% for credential in postfix_external_smtp_credentials %}
 {{ credential.email }} {{ credential.username }}:{{ credential.password }}

roles/common/templates/postfix/sasl_sender_relay.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if postfix_external_smtp_relays %}
 {% for relay in postfix_external_smtp_relays %}
 {{ relay.email }} [{{ relay.hostname }}]:{{ relay.port }}

roles/common/templates/postfix/sasl_sender_rewrite.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if postfix_external_sender_rewrites %}
 {% for rewrite in postfix_external_sender_rewrites %}
 {{ rewrite.regexp }} {{ rewrite.email }}

roles/common/templates/postfix/transport_slowsmtp.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 wanadoo.fr      slowsmtp:
 wanadoo.com     slowsmtp:
 orange.fr       slowsmtp:

roles/common/templates/rkhunter/jessie.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the main configuration file for Rootkit Hunter.
 #
@@ -362,10 +363,10 @@ ALLOW_SSH_ROOT_USER=without-password
 #
 ENABLE_TESTS=ALL
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}

roles/common/templates/rkhunter/lenny.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the configuration file for Rootkit Hunter.
 #
@@ -201,10 +202,10 @@ ALLOW_SSH_PROT_V1=0
 # package in Debian.
 ENABLE_TESTS="all"
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}"

roles/common/templates/rkhunter/sid.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the main configuration file for Rootkit Hunter.
 #
@@ -268,10 +269,10 @@ ALLOW_SSH_PROT_V1=0
 #
 ENABLE_TESTS="all"
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}"

roles/common/templates/rkhunter/squeeze.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the main configuration file for Rootkit Hunter.
 #
@@ -248,10 +249,10 @@ ALLOW_SSH_PROT_V1=0
 #
 ENABLE_TESTS="all"
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}"

roles/common/templates/rkhunter/stretch.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the main configuration file for Rootkit Hunter.
 #
@@ -362,10 +363,10 @@ ALLOW_SSH_ROOT_USER=without-password
 #
 ENABLE_TESTS=all
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}

roles/common/templates/rkhunter/wheezy.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # This is the main configuration file for Rootkit Hunter.
 #
@@ -268,10 +269,10 @@ ALLOW_SSH_PROT_V1=0
 #
 ENABLE_TESTS="all"
 {% set disable_tests = [] %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'guest' %}
   {% if disable_tests.append('os_specific') %}{% endif %}
 {%- endif %}
-{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' -%}
+{% if not ansible_virtualization_role is defined or ansible_virtualization_role != 'host' %}
     {% if disable_tests.append('promisc') %}{% endif %}
 {%- endif %}
 DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps {{ disable_tests|join(' ') }}"

roles/common/templates/smartd/default.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Defaults for smartmontools initscript (/etc/init.d/smartmontools)
 # This is a POSIX shell fragment
 

roles/common/templates/smartd/smartd.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # /etc/smartd.conf
 # Configuration file for smartd. Use "man smartd.conf" for more information.
 

roles/common/templates/ssh/sshd_config.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #	$OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
 
 # This is the sshd server system-wide configuration file.  See

roles/common/templates/ssh/sshd_config.legacy.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Package generated configuration file
 # See the sshd_config(5) manpage for details
 

roles/common/templates/sudo/local-admin.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # sudo configuration for local admins
 #

roles/hypervisor/templates/ganeti/instance-debootstrap/buster.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Ganeti deboostrap instance for Debian Jessie 8
 #

roles/hypervisor/templates/ganeti/instance-debootstrap/jessie.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Ganeti deboostrap instance for Debian Jessie 8
 #

roles/hypervisor/templates/ganeti/instance-debootstrap/stretch.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Ganeti deboostrap instance for Debian Jessie 8
 #

roles/hypervisor/templates/ganeti/kernel/modprobe.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 #
 # Options kernel modules while using ganeti

roles/hypervisor/templates/ganeti/kernel/modules.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 #
 # Kernel modules to load while using ganeti

roles/monitoring/templates/mon/default.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Defaults for mon initscript
 # Created by Dario Minnucci <midget@debian.org>
 

roles/monitoring/templates/mon/slave.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Mon config file
 #

roles/monitoring/templates/zabbix/agent.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # This is a config file for the Zabbix agent daemon (Unix)
 # To get more information about Zabbix, visit http://www.zabbix.com
 

roles/monitoring/templates/zabbix/plugins/ssl-discovery.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if zabbix_plugins_config.discovery.ssl is defined %}
 {% for key in zabbix_plugins_config.discovery.ssl %}
 {{ key }}:

roles/monitoring/templates/zabbix/plugins/web-availability-discovery.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 {% if zabbix_plugins_config.discovery.web is defined %}
 {% for key in zabbix_plugins_config.discovery.web.availability %}
 {{ key }}:

roles/rsyncserver/templates/rsyncd.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 uid = {{ rsyncd_uid }}
 gid = {{ rsyncd_gid }}
 use chroot = yes

roles/webserver/tasks/php.yml

@@ -362,6 +362,7 @@
     owner: 'root'
     group: 'root'
     mode: '0644'
+    trim_blocks: 'no'
   notify:
       - 'Reload FPM for PHP'
   when: with_fpm|bool and not (fpm_pools is defined and fpm_pools) and ansible_lsb.major_release|int >= 9
@@ -376,6 +377,7 @@
     owner: 'root'
     group: 'root'
     mode: '0644'
+    trim_blocks: 'no'
   notify:
       - 'Reload FPM for PHP'
   when: with_fpm|bool and fpm_pools is defined and fpm_pools and ansible_lsb.major_release|int >= 9

roles/webserver/templates/apache2/conf.d/security.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Disable access to the entire file system except for the directories that
 # are explicitly allowed later.

roles/webserver/templates/apache2/letsencrypt.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 <IfModule proxy_module>
     # Do not proxy ACME challenge responses
     ProxyPass /.well-known/acme-challenge/ !

roles/webserver/templates/apache2/pga_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Apache vhost for phppgadmin
 
 <VirtualHost {%if phppgadmin_vhostip %}{{ phppgadmin_vhostip }}{% else %}*{% endif %}:{{ phppgadmin_vhostport }}>

roles/webserver/templates/apache2/php5/security-local.ini.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog(';') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+;
+; {{ ansible_controlled }}
+;
+{% endif %}
 short_open_tag  =   Off
 open_basedir    =   /var/www:/tmp
 upload_tmp_dir  =   /tmp

roles/webserver/templates/apache2/php5/security-local.rmll1.ini.j2

@@ -1,7 +1,9 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog(';') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+;
+; {{ ansible_controlled }}
+;
+{% endif %}
+{% endif %}
 display_errors  =   Off
 log_errors      =   On
 error_log       =   syslog

roles/webserver/templates/apache2/pma_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Apache vhost for phpmyadmin
 
 <VirtualHost {%if phpmyadmin_vhostip %}{{ phpmyadmin_vhostip }}{% else %}*{% endif %}:{%if phpmyadmin_vhostport %}{{ phpmyadmin_vhostport }}{% else %}80{% endif %}>

roles/webserver/templates/apache2/sys_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Apache vhost for PHP system checks
 
 <VirtualHost {%if phpsyscheck_vhostip %}{{ phpsyscheck_vhostip }}{% else %}*{% endif %}:{%if phpsyscheck_vhostport %}{{ phpsyscheck_vhostport }}{% else %}80{% endif %}>

roles/webserver/templates/fpm/apache2/fpm-pool.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 <IfModule proxy_fcgi_module>
     <FilesMatch ".+\.ph(p[3457]?|t|tml)$">
     {% if ansible_lsb.major_release|int >= 9 %}

roles/webserver/templates/fpm/default.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # fpm default file for php5-fpm init script
 #

roles/webserver/templates/fpm/nginx/fastcgi_pass_fpm.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # fastcgi configuration for Nginx and PHP-FPM
 #

roles/webserver/templates/fpm/nginx/fpm-pool.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 {% if fpm_pools is defined and fpm_pools %}
 {% for pool in fpm_pools %}

roles/webserver/templates/fpm/php-fpm-pools-legacy.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog(';') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+;
+; {{ ansible_controlled }}
+;
+{% endif %}
 ;;;;;;;;;;;;;;;;;;;;;;;;
 ; FPM Pool Definitions ;·
 ;;;;;;;;;;;;;;;;;;;;;;;;

roles/webserver/templates/fpm/php-fpm-pools.conf.j2

@@ -1,8 +1,8 @@
-#jinja2: trim_blocks:False
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog(';') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+;
+; {{ ansible_controlled }}
+;
+{% endif %}
 ;;;;;;;;;;;;;;;;;;;;;;;;
 ; FPM Pool Definitions ;·
 ;;;;;;;;;;;;;;;;;;;;;;;;

roles/webserver/templates/fpm/php5-fpm-pools.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+;
+; {{ ansible_controlled }}
+;
+{% endif %}
 ;;;;;;;;;;;;;;;;;;;;;;;;
 ; FPM Pool Definitions ;·
 ;;;;;;;;;;;;;;;;;;;;;;;;

roles/webserver/templates/logrotate/apache2.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 /var/log/apache2/*.log {
     daily
     missingok

roles/webserver/templates/logrotate/nginx.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 /var/log/nginx/*.log {
     daily
     missingok

roles/webserver/templates/logrotate/php-errors.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 /var/log/php/*.log
 {

roles/webserver/templates/nginx/cloudflare.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 set_real_ip_from 103.21.244.0/22;
 set_real_ip_from 103.22.200.0/22;

roles/webserver/templates/nginx/conf.d/status.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 server {
     server_name localhost;
     location /nginx_status {

roles/webserver/templates/nginx/default.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Note: You may want to look at the following page before setting the ULIMIT.
 # #  http://wiki.nginx.org/CoreModule#worker_rlimit_nofile
 # # Set the ulimit variable if you need defaults to change.

roles/webserver/templates/nginx/letsencrypt.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 location /.well-known/acme-challenge/ {
     auth_basic off;
     default_type text/plain;

roles/webserver/templates/nginx/mime.types.custom.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 types {
     application/font-woff2              woff2;

roles/webserver/templates/nginx/nginx.conf.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # nginx Configuration File
 # http://wiki.nginx.org/Configuration
 

roles/webserver/templates/nginx/pga_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Nginx vhost for phppgadmin
 
 server {

roles/webserver/templates/nginx/pma_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Nginx vhost for phpmyadmin
 
 server {

roles/webserver/templates/nginx/sys_vhost.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 # Nginx vhost for PHP system checks
 
 server {

roles/webserver/templates/nginx/vhost_all.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 
 include /etc/nginx/vhost_expires;
 include /etc/nginx/vhost_cache-fd;

roles/webserver/templates/nginx/vhost_cache-fd.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Add some cache on file descriptors
 #

roles/webserver/templates/nginx/vhost_expires.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Expirerules for static content
 #

roles/webserver/templates/nginx/vhost_protect-files.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Protect hidden files and directories
 #

roles/webserver/templates/nginx/vhost_security.j2

@@ -1,7 +1,8 @@
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog() }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+#
+# {{ ansible_controlled }}
+#
+{% endif %}
 #
 # Various security rules
 #

roles/webserver/templates/php/apc.php

@@ -1,8 +1,9 @@
 <?php
-{% if ansible_prolog -%}
-{% from 'templates/ansible/prolog.j2' import prolog with context %}
-{{ prolog('//') }}
-{% endif -%}
+{% if ansible_controlled is defined and ansible_controlled != "" %}
+//
+// {{ ansible_controlled }}
+//
+{% endif %}
 /*
   +----------------------------------------------------------------------+
   | APC                                                                  |