diff --git a/roles/arch-boxes/templates/arch-boxes.service.j2 b/roles/arch-boxes/templates/arch-boxes.service.j2
index f0637607c0f2dafb19600246edc72618e2a1e9f7..4f93a28f37f6f1f9a4a5eaa7e3eaae6a56098414 100644
--- a/roles/arch-boxes/templates/arch-boxes.service.j2
+++ b/roles/arch-boxes/templates/arch-boxes.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=arch-boxes service for deploying images and vagrant boxes
 
diff --git a/roles/arch-boxes/templates/arch-boxes.timer.j2 b/roles/arch-boxes/templates/arch-boxes.timer.j2
index 65d20a9d98dcbd8697d2e398a0db59afea4e5d97..5015896c243bc97b57179d7e8af0768381d87c84 100644
--- a/roles/arch-boxes/templates/arch-boxes.timer.j2
+++ b/roles/arch-boxes/templates/arch-boxes.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Timer for arch-boxes.service
 
diff --git a/roles/arch-boxes/templates/sudoers.d.j2 b/roles/arch-boxes/templates/sudoers.d.j2
index a6e417b847d0e5acb51da69739fdebb51815c3e3..087642125b357638224dd649de1b3ce296cc9305 100644
--- a/roles/arch-boxes/templates/sudoers.d.j2
+++ b/roles/arch-boxes/templates/sudoers.d.j2
@@ -1 +1,4 @@
+#
+# {{ ansible_managed }}
+#
 %archboxes-sudo ALL=({{archboxes_user}}) NOPASSWD:ALL
diff --git a/roles/arch32_mirror/templates/nginx.d.conf.j2 b/roles/arch32_mirror/templates/nginx.d.conf.j2
index 5dbb56d07709c8de671d2fff606a67117386bd9f..13f83792a13384fb19d9ca95ab3acbae78e0ec07 100644
--- a/roles/arch32_mirror/templates/nginx.d.conf.j2
+++ b/roles/arch32_mirror/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/archive/templates/archive.conf.j2 b/roles/archive/templates/archive.conf.j2
index 93640db3842f5bead26a8ecf774971514d2d6232..3e1a0ab65bf5aef137eec797103df48fdcf7d502 100644
--- a/roles/archive/templates/archive.conf.j2
+++ b/roles/archive/templates/archive.conf.j2
@@ -1,5 +1,7 @@
 # vim:set sw=2 ts=2 ft=sh et:
-# This file is managed by Ansible. Local updates will be lost!
+#
+# {{ ansible_managed }}
+#
 
 # Archlinux remote rsync server
 ARCHIVE_RSYNC='rsync://rsync.archlinux.org/kitchensink_tier1/'
diff --git a/roles/archive/templates/nginx.d.conf.j2 b/roles/archive/templates/nginx.d.conf.j2
index 0fbcc291d00c16617ac912dcce6dba7259967315..3cd67c47f3f5b2f392b8279f5ec7b29ff63702ab 100644
--- a/roles/archive/templates/nginx.d.conf.j2
+++ b/roles/archive/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/archweb/templates/archweb-memcached.service.j2 b/roles/archweb/templates/archweb-memcached.service.j2
index e4bbb4ad3bb5c8731078397a5c3f6d02ecdca209..2b727654e415dcf431a3938fc4ccdfdffebc5ebb 100644
--- a/roles/archweb/templates/archweb-memcached.service.j2
+++ b/roles/archweb/templates/archweb-memcached.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archweb Memcached Daemon
 After=network.target
diff --git a/roles/archweb/templates/archweb-mirrorcheck.service.j2 b/roles/archweb/templates/archweb-mirrorcheck.service.j2
index c88497165d279c119f9ad298f9ffadd87a861a9c..160d2ff130696f3f9a7f85a087ccd21a4d3144df 100644
--- a/roles/archweb/templates/archweb-mirrorcheck.service.j2
+++ b/roles/archweb/templates/archweb-mirrorcheck.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb mirrorcheck service
 After=network.target
diff --git a/roles/archweb/templates/archweb-mirrorcheck.timer.j2 b/roles/archweb/templates/archweb-mirrorcheck.timer.j2
index b02559b87d8f4a9a30541729b7bde5357baf5a9f..5492d95cde9ae21d8c084229653140e3078eb58a 100644
--- a/roles/archweb/templates/archweb-mirrorcheck.timer.j2
+++ b/roles/archweb/templates/archweb-mirrorcheck.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb mirrorcheck
 
diff --git a/roles/archweb/templates/archweb-mirrorresolv.service.j2 b/roles/archweb/templates/archweb-mirrorresolv.service.j2
index d9712b6d52c9f4264141269dd52c9e6fc68d154d..794445dff93b591372439bf428c5915e2f5ffc74 100644
--- a/roles/archweb/templates/archweb-mirrorresolv.service.j2
+++ b/roles/archweb/templates/archweb-mirrorresolv.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb mirrorresolv service
 After=network.target
diff --git a/roles/archweb/templates/archweb-mirrorresolv.timer.j2 b/roles/archweb/templates/archweb-mirrorresolv.timer.j2
index e8ff9a481ad0080af068f738207eeae91682044e..bad4c9719d960279056964d8dbbb2e08ba4f90f7 100644
--- a/roles/archweb/templates/archweb-mirrorresolv.timer.j2
+++ b/roles/archweb/templates/archweb-mirrorresolv.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb mirrorresolv timer
 
diff --git a/roles/archweb/templates/archweb-pgp_import-pacman-hook.j2 b/roles/archweb/templates/archweb-pgp_import-pacman-hook.j2
index 02a87ae3833d67190f7f247fc3c78d9d76c73e13..ca211ce06fb9ba017351e64743c2c0f227cb1f3b 100644
--- a/roles/archweb/templates/archweb-pgp_import-pacman-hook.j2
+++ b/roles/archweb/templates/archweb-pgp_import-pacman-hook.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Trigger]
 Operation = Install
 Operation = Upgrade
diff --git a/roles/archweb/templates/archweb-pgp_import.service.j2 b/roles/archweb/templates/archweb-pgp_import.service.j2
index f405a1542413a619d31a95490ca8bb0aa975a308..c6f6fa6f0c60e2c8633712cc2ccac0842492ce35 100644
--- a/roles/archweb/templates/archweb-pgp_import.service.j2
+++ b/roles/archweb/templates/archweb-pgp_import.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb pgp_import
 
diff --git a/roles/archweb/templates/archweb-populate_signoffs.service.j2 b/roles/archweb/templates/archweb-populate_signoffs.service.j2
index c02f599801456d04eb509aef954712bf455e29f2..3a53fce8a277222a955bcf730e084f906dde1184 100644
--- a/roles/archweb/templates/archweb-populate_signoffs.service.j2
+++ b/roles/archweb/templates/archweb-populate_signoffs.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb populate_signoffs service
 After=network.target
diff --git a/roles/archweb/templates/archweb-populate_signoffs.timer.j2 b/roles/archweb/templates/archweb-populate_signoffs.timer.j2
index bcc09df1ca16d12cc5da5af76a08954526a8873e..b60c66da4c7e5bc3d50f4fd8902d4419467aa2e1 100644
--- a/roles/archweb/templates/archweb-populate_signoffs.timer.j2
+++ b/roles/archweb/templates/archweb-populate_signoffs.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb populate_signoffs timer
 
diff --git a/roles/archweb/templates/archweb-reporead.service.j2 b/roles/archweb/templates/archweb-reporead.service.j2
index f8c733e2b9b2425c95fa294ecaaafebc74c8a5df..8bd4cb2d085ed76f2271e7cba2990f01ba880525 100644
--- a/roles/archweb/templates/archweb-reporead.service.j2
+++ b/roles/archweb/templates/archweb-reporead.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb reporead
 After=network.target
diff --git a/roles/archweb/templates/archweb-rsync_iso.service.j2 b/roles/archweb/templates/archweb-rsync_iso.service.j2
index 258fb2ccfc0b7896aad0ffd3046fbeb7cc9938fe..ae6f31abdaad1b1776ec60abf4aa6599193b5953 100644
--- a/roles/archweb/templates/archweb-rsync_iso.service.j2
+++ b/roles/archweb/templates/archweb-rsync_iso.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb rsync iso service
 After=network.target
diff --git a/roles/archweb/templates/archweb-rsync_iso.timer.j2 b/roles/archweb/templates/archweb-rsync_iso.timer.j2
index e914f005a4766b817fc4b437af9918e4f25cb790..fdbbe2c9e569feb44013eb55f0160e7dc8a019bd 100644
--- a/roles/archweb/templates/archweb-rsync_iso.timer.j2
+++ b/roles/archweb/templates/archweb-rsync_iso.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=archweb rsync iso timer
 
diff --git a/roles/archweb/templates/archweb.ini.j2 b/roles/archweb/templates/archweb.ini.j2
index 4f418d0756227f428a6bdee4eb4b0693e5443421..387d2c6ba1c2e965488d339ad79a601e01276bd9 100644
--- a/roles/archweb/templates/archweb.ini.j2
+++ b/roles/archweb/templates/archweb.ini.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [uwsgi]
 plugins=python2
 chdir={{ archweb_dir }}
diff --git a/roles/archweb/templates/local_settings.py.j2 b/roles/archweb/templates/local_settings.py.j2
index bafcd607b246104d3786e15bc69039f390bb52a4..66d75b03e1741906a6904ed30b6ae8c4a74b4913 100644
--- a/roles/archweb/templates/local_settings.py.j2
+++ b/roles/archweb/templates/local_settings.py.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # Django settings for archlinux project.
 
 ## Debug settings
diff --git a/roles/archweb/templates/nginx.d.conf.j2 b/roles/archweb/templates/nginx.d.conf.j2
index 20ed049769ba652e4f6ce7f47eca49ddaf123236..3e0dfc49fd6c3ba46f1c4dc68f4ce842faed9d18 100644
--- a/roles/archweb/templates/nginx.d.conf.j2
+++ b/roles/archweb/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream archweb {
     server unix:///run/uwsgi/archweb.sock;
 }
diff --git a/roles/archwiki/templates/LocalSettings.php.j2 b/roles/archwiki/templates/LocalSettings.php.j2
index 78d4f137eeccaf40bcd295aaf2dd233b3483eae6..e79bd3ef760744b365570d4b62dd7c1d1ccda6d0 100644
--- a/roles/archwiki/templates/LocalSettings.php.j2
+++ b/roles/archwiki/templates/LocalSettings.php.j2
@@ -1,4 +1,8 @@
 <?php
+#
+# {{ ansible_managed }}
+#
+
 # This file was automatically generated by the MediaWiki 1.19.0
 # installer. If you make manual changes, please keep track in case you
 # need to recreate them later.
diff --git a/roles/archwiki/templates/archwiki-prune-cache.service.j2 b/roles/archwiki/templates/archwiki-prune-cache.service.j2
index 45d6089c7eb5cd569512d3aec88f1e4372a56a13..5260a1652b4ecb032cd89c1d464338ef8d7135d0 100644
--- a/roles/archwiki/templates/archwiki-prune-cache.service.j2
+++ b/roles/archwiki/templates/archwiki-prune-cache.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archwiki Prune Cache Service
 
diff --git a/roles/archwiki/templates/archwiki-prune-cache.timer.j2 b/roles/archwiki/templates/archwiki-prune-cache.timer.j2
index 95200a1904d20b83e35dd4a52e9ea694387e1024..6ab245171748b20a72e08f71305ef0f66d846115 100644
--- a/roles/archwiki/templates/archwiki-prune-cache.timer.j2
+++ b/roles/archwiki/templates/archwiki-prune-cache.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archwiki Prune Cache timer
 
diff --git a/roles/archwiki/templates/archwiki-runjobs-wait.service.j2 b/roles/archwiki/templates/archwiki-runjobs-wait.service.j2
index 04bfb6831081f2d45eb0a0030d7b98e87f9aaead..ea2f6a6312cf65fc5b8a25303829d5eccaf8ac5a 100644
--- a/roles/archwiki/templates/archwiki-runjobs-wait.service.j2
+++ b/roles/archwiki/templates/archwiki-runjobs-wait.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archwiki runJobs Wait Service
 
diff --git a/roles/archwiki/templates/archwiki-runjobs.service.j2 b/roles/archwiki/templates/archwiki-runjobs.service.j2
index 7faf3bda51c9ecebbb1df632ee064b37cc3a0b5c..bf13c4d375c20491f60aa139a67479fa821d8d55 100644
--- a/roles/archwiki/templates/archwiki-runjobs.service.j2
+++ b/roles/archwiki/templates/archwiki-runjobs.service.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archwiki runJobs Service
 
diff --git a/roles/archwiki/templates/archwiki-runjobs.timer.j2 b/roles/archwiki/templates/archwiki-runjobs.timer.j2
index 3e35ff644e1179c5d89ad3af7d3f2b7a5910ac0e..d6ef3bf602207d453ceb31b7d11622da75204854 100644
--- a/roles/archwiki/templates/archwiki-runjobs.timer.j2
+++ b/roles/archwiki/templates/archwiki-runjobs.timer.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [Unit]
 Description=Archwiki runJobs timer
 
diff --git a/roles/archwiki/templates/nginx.d.conf.j2 b/roles/archwiki/templates/nginx.d.conf.j2
index 8421856df2f6fc0d6406bbec415fd317e6567828..13e81e61b4af9c43d6b29aca0c032c05022ee2e0 100644
--- a/roles/archwiki/templates/nginx.d.conf.j2
+++ b/roles/archwiki/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream archwiki {
     server unix://{{ archwiki_socket }};
 }
diff --git a/roles/archwiki/templates/php-fpm.conf.j2 b/roles/archwiki/templates/php-fpm.conf.j2
index 88a1263442c36c0c66d0a44ecb4597acfa3eb294..0d9296d0c72171d92d717ed29f12c6df27161ca8 100644
--- a/roles/archwiki/templates/php-fpm.conf.j2
+++ b/roles/archwiki/templates/php-fpm.conf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [global]
 error_log = syslog
 daemonize = no
diff --git a/roles/borg-client/templates/backup-my.cnf.j2 b/roles/borg-client/templates/backup-my.cnf.j2
index 7ef9213aeb823130238fdd251e3116c4ff209a00..6b5551c89f3d73c29d8acf37d490dbbcd4631c9b 100644
--- a/roles/borg-client/templates/backup-my.cnf.j2
+++ b/roles/borg-client/templates/backup-my.cnf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [client]
 user = root
 password = {{mariadb_users.root}}
diff --git a/roles/borg-client/templates/backup-mysql.sh.j2 b/roles/borg-client/templates/backup-mysql.sh.j2
index f56e64688a4cf8598880394493bb9104cb4932df..75671859875530c5323b1b8c9e9c58515213c108 100644
--- a/roles/borg-client/templates/backup-mysql.sh.j2
+++ b/roles/borg-client/templates/backup-mysql.sh.j2
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+#
+# {{ ansible_managed }}
+#
+
 mysql_opts="--defaults-file={{mysql_backup_defaults}}"
 backupdir="{{mysql_backup_dir}}"
 
diff --git a/roles/borg-client/templates/backup-postgres.sh.j2 b/roles/borg-client/templates/backup-postgres.sh.j2
index 4fdd940ee3dc07992e3aecbac5e5c871de07bdb6..ada5ca97a02f0469707594c6a4bbb2104fb79bec 100644
--- a/roles/borg-client/templates/backup-postgres.sh.j2
+++ b/roles/borg-client/templates/backup-postgres.sh.j2
@@ -1,7 +1,9 @@
 #!/bin/bash
 #
+# {{ ansible_managed }}
+#
 # Script to backup all postgres databases individually
-# 
+#
 # Requires local login with `postgres` user and either trusted or peer auth.
 #
 
diff --git a/roles/borg-client/templates/borg-backup.sh.j2 b/roles/borg-client/templates/borg-backup.sh.j2
index bfed2df284a5464b682da0c27b1c71f2d0bb9c26..a037f6189ae9acb107d3317202c9e6b7cccef909 100644
--- a/roles/borg-client/templates/borg-backup.sh.j2
+++ b/roles/borg-client/templates/borg-backup.sh.j2
@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+#
+# {{ ansible_managed }}
+#
+
 set -e
 
 src="/"
diff --git a/roles/borg-client/templates/borg-restore.cfg.j2 b/roles/borg-client/templates/borg-restore.cfg.j2
index e7d956d953610728dfd4d4db8cc8f4321b199926..0202cb319c37ad92b90654c324c2b968301ac83f 100644
--- a/roles/borg-client/templates/borg-restore.cfg.j2
+++ b/roles/borg-client/templates/borg-restore.cfg.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # We set the repo in the /usr/local/bin/borg wrapper which is enough
 $borg_repo = "";
 
diff --git a/roles/borg-client/templates/borg.j2 b/roles/borg-client/templates/borg.j2
index a59bdddc849ab8c47f13c9b4c2af4f00ebccfa0c..dd13f89b6056c16be34b7047b14210a27c3df9c6 100644
--- a/roles/borg-client/templates/borg.j2
+++ b/roles/borg-client/templates/borg.j2
@@ -1,3 +1,6 @@
 #!/bin/bash
+#
+# {{ ansible_managed }}
+#
 
 BORG_REPO="{{ backup_host }}:{{ backup_dir }}" exec /usr/bin/borg "$@"
diff --git a/roles/common/templates/10-static-ethernet.network.j2 b/roles/common/templates/10-static-ethernet.network.j2
index 776fbf5d3cc8e02d86bd246a5f33642d3194b78a..c583d6ba10b0fd7c631c3c416211348ec748b15d 100644
--- a/roles/common/templates/10-static-ethernet.network.j2
+++ b/roles/common/templates/10-static-ethernet.network.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 [Match]
 Name=e*
 
diff --git a/roles/common/templates/journald.conf.j2 b/roles/common/templates/journald.conf.j2
index 720476926c5e662face6b6e60439c0444be20de3..f6d708271bf873d7f44df31f6d8a494e1fcfcb72 100644
--- a/roles/common/templates/journald.conf.j2
+++ b/roles/common/templates/journald.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 #  This file is part of systemd.
 #
 #  systemd is free software; you can redistribute it and/or modify it
diff --git a/roles/common/templates/locale.conf.j2 b/roles/common/templates/locale.conf.j2
index 48729f9406529371f69448ae50ef18ac78a6aaf7..c46c180cb518d31e25ce646fd0f7a47692341986 100644
--- a/roles/common/templates/locale.conf.j2
+++ b/roles/common/templates/locale.conf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 LANG=en_US.UTF-8
 LC_COLLATE=en_US.UTF-8
 LC_TIME=en_US.UTF-8
diff --git a/roles/common/templates/mirrorlist.j2 b/roles/common/templates/mirrorlist.j2
index b9fad69dcb9150c21aa9437119e99ad746bbabfa..1cf0734ed407309566b387a9e327171a98777f0c 100644
--- a/roles/common/templates/mirrorlist.j2
+++ b/roles/common/templates/mirrorlist.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 {% if 'mirrors' in group_names %}
 Server = file:///srv/ftp/$repo/os/$arch
 {% endif %}
diff --git a/roles/dbscripts/templates/authorized_keys-group.j2 b/roles/dbscripts/templates/authorized_keys-group.j2
index 236ddae0d3c3ca3e9f9e1ce7319e576d3c2da7a6..65c9e4f46d0a24de2f702f783a764bfb0c84d8f8 100644
--- a/roles/dbscripts/templates/authorized_keys-group.j2
+++ b/roles/dbscripts/templates/authorized_keys-group.j2
@@ -1,4 +1,7 @@
 #jinja2: lstrip_blocks: True
+#
+# {{ ansible_managed }}
+#
 {% for user in arch_users | sort %}
     {% for group in pubkey_groups | sort %}
         {% if group in arch_users[user].groups %}
diff --git a/roles/dbscripts/templates/gen_rsyncd.conf.pl b/roles/dbscripts/templates/gen_rsyncd.conf.pl
index c7ba294db05d00238c5c748a9c32b0736f653f60..f31f9c570249b2adc07da80a354be29078e0b1fc 100755
--- a/roles/dbscripts/templates/gen_rsyncd.conf.pl
+++ b/roles/dbscripts/templates/gen_rsyncd.conf.pl
@@ -1,5 +1,9 @@
 #!/usr/bin/env perl
 
+#
+# {{ ansible_managed }}
+#
+
 use strict;
 use warnings;
 use DBI;
diff --git a/roles/dbscripts/templates/nginx.d.conf.j2 b/roles/dbscripts/templates/nginx.d.conf.j2
index 70e672003f3b1247429fcb658a95af8a8382d8ff..3dc047db0e6d0d2ed69e14defe0446c10ffff7be 100644
--- a/roles/dbscripts/templates/nginx.d.conf.j2
+++ b/roles/dbscripts/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/dbscripts/templates/rsyncd.conf.proto.j2 b/roles/dbscripts/templates/rsyncd.conf.proto.j2
index 9d09d939e3c359023581b8de7b6a44596cf571de..a8f03746ca040688e4124d739b56e0917bc43bc0 100644
--- a/roles/dbscripts/templates/rsyncd.conf.proto.j2
+++ b/roles/dbscripts/templates/rsyncd.conf.proto.j2
@@ -1,4 +1,8 @@
-# DO NOT CHANGE rsync.conf, CHANGE rsync.conf.proto INSTEAD! 
+#
+# {{ ansible_managed }}
+#
+
+# DO NOT CHANGE rsync.conf, CHANGE rsync.conf.proto INSTEAD!
 # Hosts are managed by archweb, talk to someone that has permission to
 # play with mirrors to get new IP addresses added.
 
diff --git a/roles/dovecot/templates/dovecot.conf.j2 b/roles/dovecot/templates/dovecot.conf.j2
index d86f4ae07a12e48c8f00d816d7d94ecf2e375be6..98f76cf543b704ebc9209195c4929ff79c3e8932 100644
--- a/roles/dovecot/templates/dovecot.conf.j2
+++ b/roles/dovecot/templates/dovecot.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 auth_mechanisms = plain login
 disable_plaintext_auth = yes
 mail_location = mdbox:~/.mdbox
diff --git a/roles/dovecot/templates/letsencrypt.hook.d.j2 b/roles/dovecot/templates/letsencrypt.hook.d.j2
index 57c7f1f783233b2bb6a082cd32142d356ee49bb5..8c327a94fabc3942f2c1b3ef1d458acd46bb1935 100644
--- a/roles/dovecot/templates/letsencrypt.hook.d.j2
+++ b/roles/dovecot/templates/letsencrypt.hook.d.j2
@@ -1,5 +1,9 @@
 #!/bin/sh
 
+#
+# {{ ansible_managed }}
+#
+
 test "$1" = renew || exit 0
 
 check_domain="{{ mail_domain }}"
diff --git a/roles/flyspray/templates/flyspray.conf.php.j2 b/roles/flyspray/templates/flyspray.conf.php.j2
index d9a4c274baad657f71753cc0afb2c00af68687e8..4f6db6f01b3ba9a6614b22ebfff5a7db8bb36539 100644
--- a/roles/flyspray/templates/flyspray.conf.php.j2
+++ b/roles/flyspray/templates/flyspray.conf.php.j2
@@ -1,4 +1,7 @@
 ; <?php die( 'Do not access this page directly.' ); ?>
+#
+# {{ ansible_managed }}
+#
 
 [general]
 cookiesalt="{{ flyspray_cookie_salt }}"
diff --git a/roles/flyspray/templates/nginx.d.conf.j2 b/roles/flyspray/templates/nginx.d.conf.j2
index 0dd8b9d10f4421b340dc9049107761076dc2dbd9..6830b747913f7778b656aa189abd9972b41e6da6 100644
--- a/roles/flyspray/templates/nginx.d.conf.j2
+++ b/roles/flyspray/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream flyspray {
     server unix:///run/php-fpm/flyspray.socket;
 }
diff --git a/roles/flyspray/templates/php-fpm.conf.j2 b/roles/flyspray/templates/php-fpm.conf.j2
index 60af2fd4b989e104e61e0617088848e09534098f..53f6ba0326f190da56ecf42fc75a96844844e550 100644
--- a/roles/flyspray/templates/php-fpm.conf.j2
+++ b/roles/flyspray/templates/php-fpm.conf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [global]
 error_log = syslog
 daemonize = no
diff --git a/roles/grafana/templates/nginx.d.conf.j2 b/roles/grafana/templates/nginx.d.conf.j2
index 73b3cef8c63c9109953468afc6319b05b3fc936f..408eb92800ead13c82aed5111612711d84ff6a5c 100644
--- a/roles/grafana/templates/nginx.d.conf.j2
+++ b/roles/grafana/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream grafana {
 	server localhost:3000;
 }
diff --git a/roles/kanboard/templates/nginx.d.conf.j2 b/roles/kanboard/templates/nginx.d.conf.j2
index bd2ca1f7f0631385ec90717ba1dd4e0a89e55451..e63aee615c298f2da7a1f1069278d15eb4b7b2eb 100644
--- a/roles/kanboard/templates/nginx.d.conf.j2
+++ b/roles/kanboard/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream kanboard {
     server unix:///run/php-fpm/kanboard.socket;
 }
diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2
index d9fb708cacd1c92549037a74aeda10a5f91a5ccd..c57babc0ab1227c517cabac409f336e966db369b 100644
--- a/roles/mailman/templates/nginx.d.conf.j2
+++ b/roles/mailman/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/mariadb/templates/client.cnf.j2 b/roles/mariadb/templates/client.cnf.j2
index 8faf567c5e2263ffab3f94f8cc62831cb5c071da..8423f13cef645a9eafa92617a39c7d5f9e75664e 100644
--- a/roles/mariadb/templates/client.cnf.j2
+++ b/roles/mariadb/templates/client.cnf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [client]
 user=root
 password={{ mariadb_users.root }}
diff --git a/roles/mariadb/templates/server.cnf.j2 b/roles/mariadb/templates/server.cnf.j2
index ad9be3050a640290fad6c3f943bf961db0aea833..41f3901dc4485cf82ef48f2e60e1231ac5d9a828 100644
--- a/roles/mariadb/templates/server.cnf.j2
+++ b/roles/mariadb/templates/server.cnf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [client]
 port            = 3306
 socket          = /run/mysqld/mysqld.sock
diff --git a/roles/mariadb/templates/zabbix_agentd.my.cnf.j2 b/roles/mariadb/templates/zabbix_agentd.my.cnf.j2
index 28fec12b6674d6650b241c30a5e8647622d85eb3..418d9e418a33943141f6e07cd14f72b7bdede0a6 100644
--- a/roles/mariadb/templates/zabbix_agentd.my.cnf.j2
+++ b/roles/mariadb/templates/zabbix_agentd.my.cnf.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 [client]
 user={{zabbix_agent_mysql_user}}
 password={{mariadb_users.zabbix_agent}}
diff --git a/roles/matrix/templates/nginx.d.conf.j2 b/roles/matrix/templates/nginx.d.conf.j2
index 4eff48b77e1f7dd25a11e7c19e7937d813f01336..fef565bbc050c29be5a1fab8c798abd8be7e0205 100644
--- a/roles/matrix/templates/nginx.d.conf.j2
+++ b/roles/matrix/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream matrix {
     server 127.0.0.1:8008;
 }
diff --git a/roles/nginx/templates/letsencrypt.conf b/roles/nginx/templates/letsencrypt.conf
index 99dd6c628499f32bd2bc064968c3bff521cd1d24..4dd507924a0887e2bbb2c040354b5ae422db9d11 100644
--- a/roles/nginx/templates/letsencrypt.conf
+++ b/roles/nginx/templates/letsencrypt.conf
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 location /.well-known/acme-challenge {
     root {{ letsencrypt_validation_dir }};
     default_type "text/plain";
diff --git a/roles/nginx/templates/nginx-hostname-vhost.conf.j2 b/roles/nginx/templates/nginx-hostname-vhost.conf.j2
index b34be7a88af4d83a06a17f7bbe66d9012ad0d240..e91919e74cb8dd0f90a30699fc56bdb54ed6c5ba 100644
--- a/roles/nginx/templates/nginx-hostname-vhost.conf.j2
+++ b/roles/nginx/templates/nginx-hostname-vhost.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80 default_server;
     listen       [::]:80 default_server;
diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2
index a12a8bf20535d24caf638bbb535f24257a01206e..b4534b2318fda9dd55d42ee448047f8cef520522 100644
--- a/roles/nginx/templates/nginx.conf.j2
+++ b/roles/nginx/templates/nginx.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 worker_processes  auto;
 
 load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so;
diff --git a/roles/nginx/templates/sslsettings.conf b/roles/nginx/templates/sslsettings.conf
index c7bb3c3fb97aa393f697c8f2db1cfd5b9db4b66e..80d9cbd5c393bbf7761ee7ad021f28372e275734 100644
--- a/roles/nginx/templates/sslsettings.conf
+++ b/roles/nginx/templates/sslsettings.conf
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.1&openssl=1.0.2&hsts=yes&profile=intermediate
 ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
 
diff --git a/roles/patchwork/templates/nginx.d.conf.j2 b/roles/patchwork/templates/nginx.d.conf.j2
index cd08601e98102f8ee54b299f3b920f0a8a587c80..3aa4c9741b831fe545d0a28f01de31bf2892b542 100644
--- a/roles/patchwork/templates/nginx.d.conf.j2
+++ b/roles/patchwork/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream patchwork {
     server unix:///run/uwsgi/patchwork.sock;
 }
diff --git a/roles/phpinfo/templates/nginx.conf.j2 b/roles/phpinfo/templates/nginx.conf.j2
index 9af5e9ee1d455a12f334b70166e53f59f58392aa..78683d92e83b8b5f8754134c98c07d2aef423e23 100644
--- a/roles/phpinfo/templates/nginx.conf.j2
+++ b/roles/phpinfo/templates/nginx.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     server_name phpinfo;
     root /srv/http/phpinfo;
diff --git a/roles/planet/templates/nginx.d.conf.j2 b/roles/planet/templates/nginx.d.conf.j2
index 507abd53f92576a03482f4edd44f2d3a862b7654..416850f727a9587c22bf8b2e9c00d7da49c4d640 100644
--- a/roles/planet/templates/nginx.d.conf.j2
+++ b/roles/planet/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/postfix/templates/aliases.j2 b/roles/postfix/templates/aliases.j2
index d7bc38c4265597f4f9d5bec5a5db998d88d169e9..2bf1960c593b42baee537d6fac02d769609d47c2 100644
--- a/roles/postfix/templates/aliases.j2
+++ b/roles/postfix/templates/aliases.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # Person who should get root's mail. Don't receive mail as root!
 root:       root@archlinux.org
 backup:     root
diff --git a/roles/postfix/templates/letsencrypt.hook.d.j2 b/roles/postfix/templates/letsencrypt.hook.d.j2
index 7c810e5362007b514d7e98c8e1c8ae4947ba798e..9e9f9162f71d29b29737b9c77a2541d67f8f2fa5 100644
--- a/roles/postfix/templates/letsencrypt.hook.d.j2
+++ b/roles/postfix/templates/letsencrypt.hook.d.j2
@@ -1,5 +1,9 @@
 #!/bin/sh
 
+#
+# {{ ansible_managed }}
+#
+
 test "$1" = renew || exit 0
 
 check_domain="{{ mail_domain }}"
diff --git a/roles/postfix/templates/main.cf.j2 b/roles/postfix/templates/main.cf.j2
index 57e2bddba9d4030e11246a504b49df4c3f148a15..cbc873b7ac277b3bddadb93885030f3e94638d20 100644
--- a/roles/postfix/templates/main.cf.j2
+++ b/roles/postfix/templates/main.cf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 compatibility_level = 2
 
 smtpd_banner = $myhostname ESMTP $mail_name
diff --git a/roles/postfix/templates/master.cf.j2 b/roles/postfix/templates/master.cf.j2
index 3551ad3cf7fa4c6a659fcc29913bd6d374eb4dba..fd7b59f0676f8171e36d50da5759e3d25e08acc1 100644
--- a/roles/postfix/templates/master.cf.j2
+++ b/roles/postfix/templates/master.cf.j2
@@ -1,4 +1,7 @@
 #
+# {{ ansible_managed }}
+#
+
 # Postfix master process configuration file.  For details on the format
 # of the file, see the master(5) manual page (command: "man 5 master" or
 # on-line: http://www.postfix.org/master.5.html).
diff --git a/roles/postfix/templates/relay_transport_map.j2 b/roles/postfix/templates/relay_transport_map.j2
index 0e34ea5fb321e7b99c502701f640939fa9e5604a..2cac3b7ff2133649140f80b4c170b43a515745c3 100644
--- a/roles/postfix/templates/relay_transport_map.j2
+++ b/roles/postfix/templates/relay_transport_map.j2
@@ -1,3 +1,6 @@
+#
+# {{ ansible_managed }}
+#
 {% if not postfix_patchwork_enabled %}
 patchwork@archlinux.org smtp:[patchwork.archlinux.org]
 {% endif %}
diff --git a/roles/postfix/templates/transport.j2 b/roles/postfix/templates/transport.j2
index 4ad7f73d7d19706f8761c1fa93fb956a5c7b4c4c..63e96e5aceb2543f63d430ad2f9fc40ea6f96dda 100644
--- a/roles/postfix/templates/transport.j2
+++ b/roles/postfix/templates/transport.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 #lists.archlinux.org mailman:
 gmail.com smtp-ipv4:
 {% if postfix_patchwork_enabled %}
diff --git a/roles/postfwd/templates/postfwd.cf.j2 b/roles/postfwd/templates/postfwd.cf.j2
index b6b4864d8653d96cf73201871b5b07765d5fccf9..b73431c0870a6730fac50f0b31086fd5052ea3c7 100644
--- a/roles/postfwd/templates/postfwd.cf.j2
+++ b/roles/postfwd/templates/postfwd.cf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # skip lower rate limiting for certain users
 # TODO: populate this from a variable if the feature is used
 &&SASL_WHITELIST {
diff --git a/roles/postgres/templates/letsencrypt.hook.d.j2 b/roles/postgres/templates/letsencrypt.hook.d.j2
index 5bd05178d08719c84b6027bbc59fd68f90a831b0..68ff1c7c669df8b216a399a9b06da7319ca41578 100644
--- a/roles/postgres/templates/letsencrypt.hook.d.j2
+++ b/roles/postgres/templates/letsencrypt.hook.d.j2
@@ -1,5 +1,9 @@
 #!/bin/sh
 
+#
+# {{ ansible_managed }}
+#
+
 test "$1" = renew || exit 0
 
 postgres_domain="{{ inventory_hostname }}"
diff --git a/roles/postgres/templates/pg_hba.conf.j2 b/roles/postgres/templates/pg_hba.conf.j2
index 1d7602cb08fa2bb4b9627be18bd866e53dfd1651..cdc9002499c42468034444fb27c07a75c26091ef 100644
--- a/roles/postgres/templates/pg_hba.conf.j2
+++ b/roles/postgres/templates/pg_hba.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # PostgreSQL Client Authentication Configuration File
 # ===================================================
 #
diff --git a/roles/postgres/templates/postgresql.conf.j2 b/roles/postgres/templates/postgresql.conf.j2
index 8b4769490ac25b4cbe98409a29151716381460fa..5056d5d60741ac00ca709e6f85f6e9e2ca264380 100644
--- a/roles/postgres/templates/postgresql.conf.j2
+++ b/roles/postgres/templates/postgresql.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # -----------------------------
 # PostgreSQL configuration file
 # -----------------------------
diff --git a/roles/public_html/templates/generate-public_html.j2 b/roles/public_html/templates/generate-public_html.j2
index 69672dbffd6761fe292514a9a5a858c3f74f2380..db3fc0fbcb195a6822446dbd7a439e78fa90173c 100755
--- a/roles/public_html/templates/generate-public_html.j2
+++ b/roles/public_html/templates/generate-public_html.j2
@@ -1,5 +1,9 @@
 #!/bin/bash -e
 
+#
+# {{ ansible_managed }}
+#
+
 target=/srv/public_html/index.html
 
 cat >${target}.tmp <<END
diff --git a/roles/public_html/templates/nginx.d.conf.j2 b/roles/public_html/templates/nginx.d.conf.j2
index b187989159b143f1304709105c5641c473a13dd6..dde0e5abc90f8b7387706e9d44f5a971eadd527b 100644
--- a/roles/public_html/templates/nginx.d.conf.j2
+++ b/roles/public_html/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/root_ssh/templates/authorized_keys.j2 b/roles/root_ssh/templates/authorized_keys.j2
index bc7a2ff387409e067c324f3a1365eddfd8ac0455..886539fb1f52bcbb69465326754697cf59f1b142 100644
--- a/roles/root_ssh/templates/authorized_keys.j2
+++ b/roles/root_ssh/templates/authorized_keys.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 #jinja2: lstrip_blocks: True
 {% for user in root_ssh_keys | sort -%}
 	{{ lookup('file', '../pubkeys/' + user) }}
diff --git a/roles/security_tracker/templates/nginx.d.conf.j2 b/roles/security_tracker/templates/nginx.d.conf.j2
index f4c45ae076153c651d735512d4453d471b4996a6..39572d189a6cd1ee5ceafec8b8ed89f34b06b5a6 100644
--- a/roles/security_tracker/templates/nginx.d.conf.j2
+++ b/roles/security_tracker/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream security-tracker {
     server unix:///run/uwsgi/security-tracker.sock;
 }
diff --git a/roles/sources/templates/nginx.d.conf.j2 b/roles/sources/templates/nginx.d.conf.j2
index 9f6f7d47c461fee9992d428b2dcafcd27023ecc6..f88fa88fde9e8c255c864e85a6ce2dde31c025be 100644
--- a/roles/sources/templates/nginx.d.conf.j2
+++ b/roles/sources/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/spampd/templates/local.cf.j2 b/roles/spampd/templates/local.cf.j2
index 644190f0811ac99c69c7952a51008b494405c062..162bbabeb18630d1a794314fc899e7793fbfa65a 100644
--- a/roles/spampd/templates/local.cf.j2
+++ b/roles/spampd/templates/local.cf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 # This is the right place to customize your installation of SpamAssassin.
 #
 # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
diff --git a/roles/sshd/templates/sshd_config.j2 b/roles/sshd/templates/sshd_config.j2
index be03114d21d148dba753863e1fc03e499acd83b3..fd2a9a129c29fa31b1ae46056b89a62efd94df00 100644
--- a/roles/sshd/templates/sshd_config.j2
+++ b/roles/sshd/templates/sshd_config.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 #      $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
 
 # This is the sshd server system-wide configuration file.  See
diff --git a/roles/syncrepo/templates/nginx.d.conf.j2 b/roles/syncrepo/templates/nginx.d.conf.j2
index c6999a42b826396920803879dfcdc6a6c6b7a214..3044a7b1d8cd33db66dd9ed86f0cb043f8f77d53 100644
--- a/roles/syncrepo/templates/nginx.d.conf.j2
+++ b/roles/syncrepo/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server {
     listen       80;
     listen       [::]:80;
diff --git a/roles/unbound/templates/unbound.conf.j2 b/roles/unbound/templates/unbound.conf.j2
index d09f1a5db1dc799d00ea45efe653610c93a2a3f7..af7467473880aa64baf45d27221634682df16502 100644
--- a/roles/unbound/templates/unbound.conf.j2
+++ b/roles/unbound/templates/unbound.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 server:               
 	use-syslog: yes     
 	username: "unbound" 
diff --git a/roles/zabbix-server/templates/nginx.d.conf.j2 b/roles/zabbix-server/templates/nginx.d.conf.j2
index 590b6553784a0bb4b5d98a67494c066dc09f976f..28399d56dc6442718465515e29220b3c6be4f4c0 100644
--- a/roles/zabbix-server/templates/nginx.d.conf.j2
+++ b/roles/zabbix-server/templates/nginx.d.conf.j2
@@ -1,3 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+
 upstream zabbix {
     server unix:///run/php-fpm/zabbix-web.socket;
 }