From 26959a0508b22fffc0eeb27f8960ac5a39dfc513 Mon Sep 17 00:00:00 2001
From: Alessandro Fael Garcia <alessfg@hotmail.com>
Date: Sun, 29 Jan 2023 23:07:19 +0100
Subject: [PATCH] Prepare 0.9.0 release

---
 .github/ISSUE_TEMPLATE/bug_report.md          |  13 +-
 .github/ISSUE_TEMPLATE/feature_request.md     |   7 +-
 .github/SECURITY.md                           |  23 +-
 .github/release-drafter.yml                   |  14 +-
 .../requirements/requirements_ansible.yml     |   2 +-
 CHANGELOG.md                                  | 240 +++++++++---------
 CODE_OF_CONDUCT.md                            |  23 +-
 CONTRIBUTING.md                               |  48 ++--
 README.md                                     |  38 ++-
 SUPPORT.md                                    |  33 +++
 meta/main.yml                                 |   4 +-
 molecule/default/files/test-log-profile.json  |  16 +-
 .../default/files/test-security-policy.json   |  10 +-
 13 files changed, 266 insertions(+), 205 deletions(-)
 create mode 100644 SUPPORT.md

diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index 3e53225b..16c992bd 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,10 +1,11 @@
 ---
 name: Bug report
 about: Create a report to help us improve
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
+
 ### Describe the bug
 
 A clear and concise description of what the bug is.
@@ -13,8 +14,8 @@ A clear and concise description of what the bug is.
 
 Steps to reproduce the behavior:
 
-1. Deploy NGINX App Protect role using playbook.yml
-2. View output/logs/configuration on '...'
+1. Deploy the Ansible NGINX App Protect role using `playbook.yml`
+2. View output/logs/configuration on ...
 3. See error
 
 ### Expected behavior
@@ -23,7 +24,7 @@ A clear and concise description of what you expected to happen.
 
 ### Your environment
 
-- Version of the NGINX App Protect role or specific commit
+- Version of the Ansible NGINX App Protect role or specific commit
 - Version of Ansible
 - Version of Jinja2 (if you are using any templating capability)
 - Target deployment platform
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
index d27aba8e..e2242abb 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,10 +1,11 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
+
 ### Is your feature request related to a problem? Please describe
 
 A clear and concise description of what the problem is. Ex. I'm always frustrated when ...
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index b11b8e47..46b7f06e 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -1,9 +1,26 @@
 # Security Policy
 
-## Supported Versions
+## Versions
 
-This role mainly consists of Ansible tasks. Ansible applies security fixes to the most recent three releases. Please find more information in [the Ansible docs](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#release-status).
+### Latest Versions
+
+We advise users to run or update to the most recent release of the Ansible NGINX App Protect role. Older versions of this role may not have all enhancements and/or bug fixes applied to them.
+
+### Supported Versions
+
+This codebase mainly consists of an Ansible role, sprinkled with a dose of GitHub actions for CI/CD. Ansible applies security fixes to the most recent three releases. Please find more information in [the Ansible docs](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#release-status).
 
 ## Reporting a Vulnerability
 
-If you find a security vulnerability that affects Ansible, we encourage you to report it according to the [Ansible guidelines](https://docs.ansible.com/ansible/devel/community/reporting_bugs_and_features.html#reporting-a-bug).
+### Ansible
+
+If you find a security vulnerability that affects Ansible directly, we encourage you to report it according to the [Ansible guidelines](https://docs.ansible.com/ansible/devel/community/reporting_bugs_and_features.html#reporting-a-bug).
+
+### Codebase
+
+If you find a security vulnerability that affects the codebase, we encourage you to report it to the F5 Security Incident Response Team (F5 SIRT):
+
+- If you’re an F5 customer with an active support contract, please contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities to the F5 SIRT at <F5SIRT@f5.com>.
+
+For more information visit [https://www.f5.com/services/support/report-a-vulnerability](https://www.f5.com/services/support/report-a-vulnerability)
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
index eacad781..524e8c2b 100644
--- a/.github/release-drafter.yml
+++ b/.github/release-drafter.yml
@@ -92,13 +92,13 @@ template: |
 
   ## Install & Upgrade
 
-  * To install the Ansible NGINX App Protect role on a fresh environment, run `ansible-galaxy install nginxinc.nginx_app_protect`.
-  * To upgrade the Ansible NGINX App Protect role to the latest release, run `ansible-galaxy install -f nginxinc.nginx_app_protect`.
-  * To install or upgrade to this specific Ansible NGINX App Protect role release ($RESOLVED_VERSION), run `ansible-galaxy install -f nginxinc.nginx_app_protect,v$RESOLVED_VERSION`.
+  - To install the Ansible NGINX App Protect role on a fresh environment, run `ansible-galaxy install nginxinc.nginx_app_protect`.
+  - To upgrade the Ansible NGINX App Protect role to the latest release, run `ansible-galaxy install -f nginxinc.nginx_app_protect`.
+  - To install or upgrade to this specific Ansible NGINX App Protect role release ($RESOLVED_VERSION), run `ansible-galaxy install -f nginxinc.nginx_app_protect,v$RESOLVED_VERSION`.
 
   ## Resources
 
-  * Functional configuration examples (check `converge.yml` under each `molecule` scenario) -- [github.com/nginxinc/ansible-role-nginx-app-protect/tree/$RESOLVED_VERSION/molecule](https://github.com/nginxinc/ansible-role-nginx-app-protect/tree/$RESOLVED_VERSION/molecule).
-  * Ansible Galaxy repository -- [galaxy.ansible.com/nginxinc/nginx_app_protect](https://galaxy.ansible.com/nginxinc/nginx_app_protect).
-  * NGINX Ansible role & collection introductory blog -- [nginx.com/blog/announcing-nginx-core-collection-ansible](https://www.nginx.com/blog/announcing-nginx-core-collection-ansible).
-  * NGINX: Better with Ansible demo -- [github.com/alessfg/nginx-ansible-demo](https://github.com/alessfg/nginx-ansible-demo).
+  - Functional configuration examples (check `converge.yml` under each `molecule` scenario) -- [github.com/nginxinc/ansible-role-nginx-app-protect/tree/$RESOLVED_VERSION/molecule](https://github.com/nginxinc/ansible-role-nginx-app-protect/tree/$RESOLVED_VERSION/molecule).
+  - Ansible Galaxy repository -- [galaxy.ansible.com/nginxinc/nginx_app_protect](https://galaxy.ansible.com/nginxinc/nginx_app_protect).
+  - NGINX Ansible role & collection introductory blog -- [nginx.com/blog/announcing-nginx-core-collection-ansible](https://www.nginx.com/blog/announcing-nginx-core-collection-ansible).
+  - NGINX: Better with Ansible demo -- [github.com/alessfg/nginx-ansible-demo](https://github.com/alessfg/nginx-ansible-demo).
diff --git a/.github/workflows/requirements/requirements_ansible.yml b/.github/workflows/requirements/requirements_ansible.yml
index e5758194..cbeac9c1 100644
--- a/.github/workflows/requirements/requirements_ansible.yml
+++ b/.github/workflows/requirements/requirements_ansible.yml
@@ -6,5 +6,5 @@ collections:
     version: 2.10.0
   - name: community.general
     version: 6.2.0
-  - name: community.docker  # Only required if you plan to use Molecule
+  - name: community.docker # Only required if you plan to use Molecule
     version: 3.4.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8aedc904..1ae5ef41 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,41 +1,41 @@
 # Changelog
 
-## 0.9.0 (Unreleased)
+## 0.9.0 (January 29, 2023)
 
 FEATURES:
 
-* Validate that various role variables have been set to one of the allowed values.
-* Refactor how this role checks if your distribution is supported NGINX App Protect. The role will no longer fail if the  target distribution is not supported, instead, you will get a warning. This should help with the occasional lag between new releases of distributions and/or NGINX App Protect and this role being updated to support those releases. In addition, the role will also now check if your distribution's architecture is supported.
-* Refactor Ansible facts from dot to array notation to keep in with the standards set by the other roles in the Ansible NGINX core collection.
-* Add support for Debian bullseye for NGINX App Protect WAF.
-* Add support for Oracle Linux 7.x & 8.x for NGINX App Protect WAF.
-* Add support for RHEL 8.7.
-* Remove support for Debian buster for NGINX App Protect WAF/DoS.
+- Validate that various role variables have been set to one of the allowed values.
+- Refactor how this role checks if your distribution is supported NGINX App Protect. The role will no longer fail if the target distribution is not supported, instead, you will get a warning. This should help with the occasional lag between new releases of distributions and/or NGINX App Protect and this role being updated to support those releases. In addition, the role will also now check if your distribution's architecture is supported.
+- Refactor Ansible facts from dot to array notation to keep in with the standards set by the other roles in the Ansible NGINX core collection.
+- Add support for Debian bullseye for NGINX App Protect WAF.
+- Add support for Oracle Linux 7.x & 8.x for NGINX App Protect WAF.
+- Add support for RHEL 8.7.
+- Remove support for Debian buster for NGINX App Protect WAF/DoS.
 
 ENHANCEMENTS:
 
-* Standardize code from dot to array notation to keep in with the standards set by the other roles in the Ansible NGINX core collection.
-* Bump the minimum version of Ansible core required to run the role to `2.12` (`2.11` is no longer supported by Ansible).
-* Bump the Ansible `community.general` collection to `6.2.0`, `community.crypto` collection to `2.10.0` and `community.docker` collection to `3.4.0`.
+- Standardize code from dot to array notation to keep in with the standards set by the other roles in the Ansible NGINX core collection.
+- Bump the minimum version of Ansible core required to run the role to `2.12` (`2.11` is no longer supported by Ansible).
+- Bump the Ansible `community.general` collection to `6.2.0`, `community.crypto` collection to `2.10.0` and `community.docker` collection to `3.4.0`.
 
 BUG FIXES:
 
-* The Alpine Linux `libelf` dependency is no longer automatically installed by NGINX App Protect DoS so we need to explicitly install it as a prerequisite.
-* The `ignore-tags` GitHub actions key does not exist. Replace it with the correct key, `tags-ignore`.
+- The Alpine Linux `libelf` dependency is no longer automatically installed by NGINX App Protect DoS so we need to explicitly install it as a prerequisite.
+- The `ignore-tags` GitHub actions key does not exist. Replace it with the correct key, `tags-ignore`.
 
 TESTS:
 
-* Update GitHub actions to run on Ubuntu 22.04 (and thus support `cgroups` v2).
-* Explicitly specify `amd64` as the platform used in Molecule tests. This will ensure that tests work as expected when run on different host architectures (e.g. newer Macbooks with `arm` processors).
+- Update GitHub actions to run on Ubuntu 22.04 (and thus support `cgroups` v2).
+- Explicitly specify `amd64` as the platform used in Molecule tests. This will ensure that tests work as expected when run on different host architectures (e.g. newer Macbooks with `arm` processors).
 
 ## 0.8.1 (September 28, 2022)
 
 FEATURES:
 
-* Add support for Alpine Linux for NGINX App Protect DoS.
-* Add support for Debian bullseye for NGINX App Protect DoS.
-* Add support for RHEL 8.6.
-* Check NGINX App Protect license is valid before trying to install NGINX App Protect (this means the role now requires the `community.crypto` collection).
+- Add support for Alpine Linux for NGINX App Protect DoS.
+- Add support for Debian bullseye for NGINX App Protect DoS.
+- Add support for RHEL 8.6.
+- Check NGINX App Protect license is valid before trying to install NGINX App Protect (this means the role now requires the `community.crypto` collection).
 
 ENHANCEMENTS:
 
@@ -47,45 +47,45 @@ Always refresh the `yum` cache.
 
 TESTS:
 
-* Update GitHub actions to only skip \*plus\* scenarios when the NGINX Plus license secrets are not present (it used to only run the NGINX Plus test scenarios during internal PRs).
-* Remove Yamllint (Ansible Lint now incorporates Yamllint).
-* Skip Ansible Lint line length and no templates in name rules. Slightly refactor code to incorporate changes added to Ansible Lint 6.7.0.
+- Update GitHub actions to only skip \*plus\* scenarios when the NGINX Plus license secrets are not present (it used to only run the NGINX Plus test scenarios during internal PRs).
+- Remove Yamllint (Ansible Lint now incorporates Yamllint).
+- Skip Ansible Lint line length and no templates in name rules. Slightly refactor code to incorporate changes added to Ansible Lint 6.7.0.
 
 ## 0.8.0 (April 6, 2022)
 
 BREAKING CHANGES:
 
-* Rename `nginx_app_protect_<waf/dos>_state` parameter to `nginx_app_protect_<waf/dos>_setup` parameters.
-* Rename multiple `nginx_app_protect_*` parameters and tags to `nginx_app_protect_waf_*` to aid in disambiguation.
-* Cleanup deprecated Alpine Linux tasks.
-* Remove `nginx_app_protect_configure` parameter since it has limited functionality given the `nginx_app_protect_*_policy_file_enable` parameters.
-* The `nginx_app_protect_timeout` setting previous only applied to service stop operations. This parameter has been changed to `nginx_app_protect_timeoutstopsec` to better reflect its usage, and a new parameter, `nginx_app_protect_timeoutstartsec` has been introduced to tweak service start operation timeouts.
+- Rename `nginx_app_protect_<waf/dos>_state` parameter to `nginx_app_protect_<waf/dos>_setup` parameters.
+- Rename multiple `nginx_app_protect_*` parameters and tags to `nginx_app_protect_waf_*` to aid in disambiguation.
+- Cleanup deprecated Alpine Linux tasks.
+- Remove `nginx_app_protect_configure` parameter since it has limited functionality given the `nginx_app_protect_*_policy_file_enable` parameters.
+- The `nginx_app_protect_timeout` setting previous only applied to service stop operations. This parameter has been changed to `nginx_app_protect_timeoutstopsec` to better reflect its usage, and a new parameter, `nginx_app_protect_timeoutstartsec` has been introduced to tweak service start operation timeouts.
 
 FEATURES:
 
-* Add support for enabling SELinux on RHEL based systems, and tweak it by default when installing NGINX App Protect DoS to avoid SELinux misconfiguration issues.
-* Rename all modules to use the fully qualified collection name (FQCN) per Ansible guidelines.
+- Add support for enabling SELinux on RHEL based systems, and tweak it by default when installing NGINX App Protect DoS to avoid SELinux misconfiguration issues.
+- Rename all modules to use the fully qualified collection name (FQCN) per Ansible guidelines.
 
 ENHANCEMENTS:
 
-* Add support for RHEL 8.1+ for NGINX App Protect WAF 3.8.
-* Add support for RHEL 7.4+ and 8.x for NGINX App Protect DoS 2.1.
-* New molecule tests for RHEL 7/8 and for NGINX App Protect WAF/DoS removal scenarios.
-* Bump the Ansible `community.general` collection to `4.7.0` and `community.docker` collection to `2.3.0`.
-* Update Dependabot to trigger updates at the same time across all NGINX core roles at the same time and to avoid triggering release drafter on GitHub actions dependency updates.
+- Add support for RHEL 8.1+ for NGINX App Protect WAF 3.8.
+- Add support for RHEL 7.4+ and 8.x for NGINX App Protect DoS 2.1.
+- New molecule tests for RHEL 7/8 and for NGINX App Protect WAF/DoS removal scenarios.
+- Bump the Ansible `community.general` collection to `4.7.0` and `community.docker` collection to `2.3.0`.
+- Update Dependabot to trigger updates at the same time across all NGINX core roles at the same time and to avoid triggering release drafter on GitHub actions dependency updates.
 
 BUG FIXES:
 
-* Role was failing to uninstall NGINX App Protect DoS packages when the `nginx_app_protect_dos_state` was set to `absent`.
-* Uninstallation scenario was unintentionally creating repository entries.
-* Ansible check mode runs will no longer fail if NGINX has not yet been installed.
+- Role was failing to uninstall NGINX App Protect DoS packages when the `nginx_app_protect_dos_state` was set to `absent`.
+- Uninstallation scenario was unintentionally creating repository entries.
+- Ansible check mode runs will no longer fail if NGINX has not yet been installed.
 
 ## 0.7.1 (February 16, 2022)
 
 ENHANCEMENTS:
 
-* Add signing keys to a unique NGINX keyring on Debian based systems.
-* Bump the Ansible `community.general` collection to `4.4.0` and `community.docker` collection to `2.1.1`.
+- Add signing keys to a unique NGINX keyring on Debian based systems.
+- Bump the Ansible `community.general` collection to `4.4.0` and `community.docker` collection to `2.1.1`.
 
 BUG FIXES:
 
@@ -99,22 +99,22 @@ Refactor how `nginx_app_protect_*_policy_file*` variables work. You can now spec
 
 BUG FIXES:
 
-* Fix instances of `nginx_app_protect_license_status` being incorrectly set as `nginx_license_status` instead.
-* Add NGINX App Protect DoS to the NAP uninstall tasks.
+- Fix instances of `nginx_app_protect_license_status` being incorrectly set as `nginx_license_status` instead.
+- Add NGINX App Protect DoS to the NAP uninstall tasks.
 
 ## 0.6.2 (October 25, 2021)
 
 ENHANCEMENTS:
 
-* Remove Alpine 3.10 from the list of supported platform for NAP (and from Molecule).
-* Move non NGINX App Protect specific dependencies from the role into the Molecule Dockerfile.
-* Change Dependabot frequency from daily to weekly.
-* Minor touch-up of GitHub actions workflows.
+- Remove Alpine 3.10 from the list of supported platform for NAP (and from Molecule).
+- Move non NGINX App Protect specific dependencies from the role into the Molecule Dockerfile.
+- Change Dependabot frequency from daily to weekly.
+- Minor touch-up of GitHub actions workflows.
 
 BUG FIXES:
 
-* NGINX App Protect WAF 3.6 has been released and with it comes support for NGINX Plus R25. Per last release's KNOWN ISSUES, NGINX App Protect DoS will still only work with NGINX Plus R24.
-* Always update NGINX App Protect dependencies to the latest available version to avoid outdated dependency issues (e.g. outdated CA certificates).
+- NGINX App Protect WAF 3.6 has been released and with it comes support for NGINX Plus R25. Per last release's KNOWN ISSUES, NGINX App Protect DoS will still only work with NGINX Plus R24.
+- Always update NGINX App Protect dependencies to the latest available version to avoid outdated dependency issues (e.g. outdated CA certificates).
 
 ## 0.6.1 (September 30, 2021)
 
@@ -124,8 +124,8 @@ As of the latest NGINX Plus release, R25, NGINX App Protect WAF/DoS will no long
 
 ENHANCEMENTS:
 
-* Remove Debian Stretch from the list of supported platforms for NAP (and from Molecule).
-* Update the Ansible `community.general` collection to `3.7.0`, `ansible.posix` collection to `1.3.0` and `community.docker` collection to `1.9.1`.
+- Remove Debian Stretch from the list of supported platforms for NAP (and from Molecule).
+- Update the Ansible `community.general` collection to `3.7.0`, `ansible.posix` collection to `1.3.0` and `community.docker` collection to `1.9.1`.
 
 BUG FIXES:
 
@@ -139,17 +139,17 @@ Remove deprecated variables mentioned in the `0.5.0` release. These involve temp
 
 FEATURES:
 
-* Add support for NGINX App Protect DoS (Denial of Service) product. The `nginx_app_protect_dos_enable` variable must be set to `true` in order to install NGINX App Protect DoS.
-* Add support for NGINX App Protect WAF on Amazon Linux 2 (requires NGINX App Protect 3.3).
-* Add a `nginx_app_protect_manage_repo` feature flag which can be used to disable NGINX App Protect repo management by this role.
+- Add support for NGINX App Protect DoS (Denial of Service) product. The `nginx_app_protect_dos_enable` variable must be set to `true` in order to install NGINX App Protect DoS.
+- Add support for NGINX App Protect WAF on Amazon Linux 2 (requires NGINX App Protect 3.3).
+- Add a `nginx_app_protect_manage_repo` feature flag which can be used to disable NGINX App Protect repo management by this role.
 
 ENHANCEMENTS:
 
-* Replace Ansible base with Ansible core. Ansible core will be the "core" Ansible release moving forward from Ansible `2.11`.
-* Update GitHub actions to add a workflow dispatch option.
-* Update the Ansible `community.general` collection to `3.3.2` and `community.docker` collection to `1.8.0`.
-* Replace "yes"/"no" boolean values with "true"/"false" to comply with YAML spec `1.2`.
-* Update `nginx` role requirement in Molecule tests to `0.20.0`.
+- Replace Ansible base with Ansible core. Ansible core will be the "core" Ansible release moving forward from Ansible `2.11`.
+- Update GitHub actions to add a workflow dispatch option.
+- Update the Ansible `community.general` collection to `3.3.2` and `community.docker` collection to `1.8.0`.
+- Replace "yes"/"no" boolean values with "true"/"false" to comply with YAML spec `1.2`.
+- Update `nginx` role requirement in Molecule tests to `0.20.0`.
 
 ## 0.5.0 (May 12, 2021)
 
@@ -159,20 +159,20 @@ The NGINX App Protect repository has been updated. This might cause some issues
 
 DEPRECATION WARNINGS:
 
-* **The ability to create an NGINX config including some basic App Protect directives will be removed in the upcoming `0.6.0` release at some stage after June 2021.** Please use the [NGINX config role](https://github.com/nginxinc/ansible-role-nginx-config) instead for this (and much more) functionality. This will include the removal of the following variables: `nginx_app_protect_conf_template_enable`, `nginx_app_protect_conf_template`, `nginx_app_protect_demo_workload_protocol`, `nginx_app_protect_demo_workload_host`, `nginx_app_protect_log_policy_syslog_target`, `nginx_app_protect_log_policy_target`.
+- **The ability to create an NGINX config including some basic App Protect directives will be removed in the upcoming `0.6.0` release at some stage after June 2021.** Please use the [NGINX config role](https://github.com/nginxinc/ansible-role-nginx-config) instead for this (and much more) functionality. This will include the removal of the following variables: `nginx_app_protect_conf_template_enable`, `nginx_app_protect_conf_template`, `nginx_app_protect_demo_workload_protocol`, `nginx_app_protect_demo_workload_host`, `nginx_app_protect_log_policy_syslog_target`, `nginx_app_protect_log_policy_target`.
 
-* **The ability to dynamically create App Protect security and log policies via Jinja2 templates will be removed in the `0.6.0` release at some stage after June 2021 due to relative inflexibility.** The `nginx_app_protect_security_policy_file_enable`, `nginx_app_protect_security_policy_file_*`, `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables should be used instead of the following variables which are to be removed: `nginx_app_protect_security_policy_template_enable`, `nginx_app_protect_security_policy_template`, `nginx_app_protect_security_policy_enforcement_mode`, `nginx_app_protect_log_policy_template_enable`, `nginx_app_protect_log_policy_template`, `nginx_app_protect_log_policy_filter_request_type`.
+- **The ability to dynamically create App Protect security and log policies via Jinja2 templates will be removed in the `0.6.0` release at some stage after June 2021 due to relative inflexibility.** The `nginx_app_protect_security_policy_file_enable`, `nginx_app_protect_security_policy_file_*`, `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables should be used instead of the following variables which are to be removed: `nginx_app_protect_security_policy_template_enable`, `nginx_app_protect_security_policy_template`, `nginx_app_protect_security_policy_enforcement_mode`, `nginx_app_protect_log_policy_template_enable`, `nginx_app_protect_log_policy_template`, `nginx_app_protect_log_policy_filter_request_type`.
 
 FEATURES:
 
-* Implement Release Drafter.
-* Add warning re having to install NGINX Plus beforehand on Alpine distros if NGINX Plus releases a security patch.
+- Implement Release Drafter.
+- Add warning re having to install NGINX Plus beforehand on Alpine distros if NGINX Plus releases a security patch.
 
 ENHANCEMENTS:
 
-* Changing the default policy directory from `/etc/nginx` to `/etc/app_protect/conf` to align with this change introduced in App Protect 3.2.
-* Update Ansible base to `2.10.9`, Ansible Lint to `5.0.8`, yamllint to `1.26.1` and Docker Python SDK to `5.0.0`.
-* Update the Ansible `community.general` collection to `3.0.2` and `community.docker` collection to `1.6.0`.
+- Changing the default policy directory from `/etc/nginx` to `/etc/app_protect/conf` to align with this change introduced in App Protect 3.2.
+- Update Ansible base to `2.10.9`, Ansible Lint to `5.0.8`, yamllint to `1.26.1` and Docker Python SDK to `5.0.0`.
+- Update the Ansible `community.general` collection to `3.0.2` and `community.docker` collection to `1.6.0`.
 
 ## 0.4.3 (April 6, 2021)
 
@@ -182,34 +182,34 @@ The `nginx_app_protect_version` variable has been removed, as it cannot be imple
 
 FEATURES:
 
-* Add support for Dependabot.
-* Replace Ansible community distribution with Ansible base and add the necessary extra collections as a dependency requirement. For reference, these are:
+- Add support for Dependabot.
+- Replace Ansible community distribution with Ansible base and add the necessary extra collections as a dependency requirement. For reference, these are:
 
-    ```yaml
-    ---
-    collections:
-      - name: community.general
-        version: 3.0.0
-      - name: ansible.posix
-        version: 1.2.0
-    ```
+  ```yaml
+  ---
+  collections:
+    - name: community.general
+      version: 3.0.0
+    - name: ansible.posix
+      version: 1.2.0
+  ```
 
-* Explicitly list Jinja2 `2.11.3` as a requirement, as well as detail the minimum supported version (`2.11.x`).
-* You can now specify an `nginx_app_protect_repository` for NGINX App Protect.
-* You can now specify an `nginx_app_protect_security_updates_repository` for NGINX App Protect signatures and threat campaigns packages.
-* You can now specify NGINX App Protect signatures and threat campaigns package versions using the `nginx_app_protect_signatures_version` and `nginx_app_protect_threat_campaigns_version` variables.
+- Explicitly list Jinja2 `2.11.3` as a requirement, as well as detail the minimum supported version (`2.11.x`).
+- You can now specify an `nginx_app_protect_repository` for NGINX App Protect.
+- You can now specify an `nginx_app_protect_security_updates_repository` for NGINX App Protect signatures and threat campaigns packages.
+- You can now specify NGINX App Protect signatures and threat campaigns package versions using the `nginx_app_protect_signatures_version` and `nginx_app_protect_threat_campaigns_version` variables.
 
 ENHANCEMENTS:
 
-* Support for NGINX App Protect 3.1 -- Adds support for Debian 10, Ubuntu 20.04 and Alpine 3.10.
-* Add test coverage for new platforms and testing scenario.
-* Consolidate dependencies into a single tasks file.
-* Remove requirement for `package_facts` module when using this role.
-* Update Signatures repository URL.
-* Update Ansible base to `2.10.7`, Ansible Lint to `5.0.6`, Molecule to `3.3.0`, yamllint to `1.26.0` and Docker Python SDK to `4.4.4`.
-* Specify GitHub actions Ubuntu release.
-* Minor GitHub template tweaks, including the creation of a SECURITY doc.
-* Only run GitHub actions Galaxy CI/CD workflow when a new release is published.
+- Support for NGINX App Protect 3.1 -- Adds support for Debian 10, Ubuntu 20.04 and Alpine 3.10.
+- Add test coverage for new platforms and testing scenario.
+- Consolidate dependencies into a single tasks file.
+- Remove requirement for `package_facts` module when using this role.
+- Update Signatures repository URL.
+- Update Ansible base to `2.10.7`, Ansible Lint to `5.0.6`, Molecule to `3.3.0`, yamllint to `1.26.0` and Docker Python SDK to `4.4.4`.
+- Specify GitHub actions Ubuntu release.
+- Minor GitHub template tweaks, including the creation of a SECURITY doc.
+- Only run GitHub actions Galaxy CI/CD workflow when a new release is published.
 
 KNOWN ISSUES:
 
@@ -219,9 +219,9 @@ Service manager support is not included in NGINX App Protect for Alpine. When us
 
 ENHANCEMENTS:
 
-* Replace TravisCI with GitHub actions.
-* Update Ansible base to `2.10.4`, Ansible to `2.10.5`, Molecule to `3.2.2` and Docker Python SDK to `4.4.1`.
-* Update copyright notice.
+- Replace TravisCI with GitHub actions.
+- Update Ansible base to `2.10.4`, Ansible to `2.10.5`, Molecule to `3.2.2` and Docker Python SDK to `4.4.1`.
+- Update copyright notice.
 
 BUG FIXES:
 
@@ -241,12 +241,12 @@ The ability to dynamically create App Protect security and log policies via Jinj
 
 ENHANCEMENTS:
 
-* Add survey to README.
-* Improve README structure and use tables where relevant.
-* Update Ansible (now Ansible base) to `2.10.2`, Ansible (now Ansible Community Distribution) to `2.10.0`, and yamllint to `1.25.0`.
-* Ability to deploy static security policy files via the `nginx_app_protect_security_policy_file_enable` and `nginx_app_protect_security_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
-* Ability to deploy static log policy files via the `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
-* Add CentOS/RHEL 7.9 to list of supported platforms.
+- Add survey to README.
+- Improve README structure and use tables where relevant.
+- Update Ansible (now Ansible base) to `2.10.2`, Ansible (now Ansible Community Distribution) to `2.10.0`, and yamllint to `1.25.0`.
+- Ability to deploy static security policy files via the `nginx_app_protect_security_policy_file_enable` and `nginx_app_protect_security_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
+- Ability to deploy static log policy files via the `nginx_app_protect_log_policy_file_enable` and `nginx_app_protect_log_policy_file_*` variables. NOTE: `nginx_app_protect_configure` must be set to true.
+- Add CentOS/RHEL 7.9 to list of supported platforms.
 
 ## 0.3.2 (September 30, 2020)
 
@@ -258,9 +258,9 @@ Prevent TravisCI from trying to build (and failing) NGINX App Protect images on
 
 FEATURES:
 
-* Two new variables have been introduced:
-  * `nginx_app_protect_service_modify` -- Setting this variable to true/false will determine whether the default service timeout value gets modified.
-  * `nginx_app_protect_log_policy_target` -- This variable is intended as an eventual replacement for `nginx_app_protect_log_policy_syslog_target` and allows using different destinations for NGINX App Protect's log files.
+- Two new variables have been introduced:
+  - `nginx_app_protect_service_modify` -- Setting this variable to true/false will determine whether the default service timeout value gets modified.
+  - `nginx_app_protect_log_policy_target` -- This variable is intended as an eventual replacement for `nginx_app_protect_log_policy_syslog_target` and allows using different destinations for NGINX App Protect's log files.
 
 ENHANCEMENTS:
 
@@ -268,9 +268,9 @@ Split the default Molecule scenario into a simple and advanced scenario to solve
 
 BUG FIXES:
 
-* Rename handlers to use more specific role related naming and prevent namespace collision issues.
-* Set NGINX handler to `state: restarted` to prevent some compatibility issues when NGINX App Protect is installed on an instance already running NGINX beforehand.
-* Using `update_cache: true` by itself in the `apt` module is not always idempotent. Moved the NGINX App Protect installation task to a corresponding `apt` or `yum` module to avoid this scenario.
+- Rename handlers to use more specific role related naming and prevent namespace collision issues.
+- Set NGINX handler to `state: restarted` to prevent some compatibility issues when NGINX App Protect is installed on an instance already running NGINX beforehand.
+- Using `update_cache: true` by itself in the `apt` module is not always idempotent. Moved the NGINX App Protect installation task to a corresponding `apt` or `yum` module to avoid this scenario.
 
 ## 0.3.0 (September 21, 2020)
 
@@ -286,16 +286,16 @@ FEATURES:
 
 A new variable has been introduced:
 
-* `nginx_app_protect_setup_license` -- Determine whether you want to use this role to upload your NGINX App Protect license to your target host.
+- `nginx_app_protect_setup_license` -- Determine whether you want to use this role to upload your NGINX App Protect license to your target host.
 
 ENHANCEMENTS:
 
-* Switch to using `ansible_facts` wherever possible.
-* Simplified overall role structure by:
-  * Reducing signing key setup tasks to a single file.
-  * Merging all install steps to a single file.
-* Added handlers to check for NGINX syntax validity and fail if any errors are detected.
-* Update Ansible Lint to `4.3.5`.
+- Switch to using `ansible_facts` wherever possible.
+- Simplified overall role structure by:
+  - Reducing signing key setup tasks to a single file.
+  - Merging all install steps to a single file.
+- Added handlers to check for NGINX syntax validity and fail if any errors are detected.
+- Update Ansible Lint to `4.3.5`.
 
 ## 0.2.2 (September 15, 2020)
 
@@ -311,31 +311,31 @@ Fixed newly appearing linting issues in role.
 
 ENHANCEMENTS:
 
-* Bring docs up to speed with other NGINX roles.
-* Move some default variables into the vars subfolder.
+- Bring docs up to speed with other NGINX roles.
+- Move some default variables into the vars subfolder.
 
 ## 0.2.0 (September 10, 2020)
 
 BREAKING CHANGES:
 
-* All of the variables have been updated to prevent naming collisions when using other roles. Please see README.MD for new variable names.
-* Example playbook has been removed by collection authors in favor of using the Molecule configuration as a 'known-working' implementation.
+- All of the variables have been updated to prevent naming collisions when using other roles. Please see README.MD for new variable names.
+- Example playbook has been removed by collection authors in favor of using the Molecule configuration as a 'known-working' implementation.
 
 FEATURES:
 
-* Molecule 3 testing foundation is in the project, and linting is being performed by TravisCI. Now time to write tests!
+- Molecule 3 testing foundation is in the project, and linting is being performed by TravisCI. Now time to write tests!
 
 ENHANCEMENTS:
 
-* Huge refactoring by @alessfg to better unify this role with the structures present in the other nginxinc Ansible roles.
-* Update Ansible to `2.9.13` and Ansible Lint to `4.3.4`.
-* Explicitly defined mode in relevant tasks for breaking changes in Ansible.
-* Role refactored to separate install and configure operations in preparation for an upcoming role split.
+- Huge refactoring by @alessfg to better unify this role with the structures present in the other nginxinc Ansible roles.
+- Update Ansible to `2.9.13` and Ansible Lint to `4.3.4`.
+- Explicitly defined mode in relevant tasks for breaking changes in Ansible.
+- Role refactored to separate install and configure operations in preparation for an upcoming role split.
 
 BUG FIXES:
 
-* The CentOS, RHEL, Debian and Ubuntu repositories have slightly changed to respond to a NAP repository deprecation activity. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
-* The RHEL and CentOS repository setups were incorrectly using a static gpgkey instead of using the variable as a source.
+- The CentOS, RHEL, Debian and Ubuntu repositories have slightly changed to respond to a NAP repository deprecation activity. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
+- The RHEL and CentOS repository setups were incorrectly using a static gpgkey instead of using the variable as a source.
 
 ## 0.1.0 (September 9, 2020)
 
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index 1cbfc7ab..a1e1dff0 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -14,22 +14,19 @@ appearance, race, religion, or sexual identity and orientation.
 Examples of behavior that contributes to creating a positive environment
 include:
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
- advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
 
 ## Our Responsibilities
 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 1f42bb1e..93c10439 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -12,8 +12,8 @@ The following is a set of guidelines for contributing to the NGINX App Protect A
 
 [Code Guidelines](#code-guidelines)
 
-* [Git Guidelines](#git-guidelines)
-* [Ansible Guidelines](#ansible-guidelines)
+- [Git Guidelines](#git-guidelines)
+- [Ansible Guidelines](#ansible-guidelines)
 
 [Code of Conduct](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/CODE_OF_CONDUCT.md)
 
@@ -27,14 +27,14 @@ Follow our [Installation Guide](https://github.com/nginxinc/ansible-role-nginx-a
 
 ### Project Structure
 
-* The NGINX App Protect Ansible role is written in `yaml` and supports NGINX App Protect.
-* The project follows the standard [Ansible role directory structure](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html)
-  * The main code is found in [`tasks/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/tasks/).
-  * Variables can be found in [`defaults/main/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/defaults/main/).
-  * "Constant" variables can be found in [`vars/main.yml`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/vars/main.yml).
-  * Configuration templates for NGINX can be found in [`templates/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/templates/).
-  * [Molecule](https://molecule.readthedocs.io/) tests can be found in [`molecule/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/molecule/).
-  * CI/CD is done via GitHub actions using the workflow files found in [`.github/workflows/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/.github/workflows/).
+- The NGINX App Protect Ansible role is written in `yaml` and supports NGINX App Protect.
+- The project follows the standard [Ansible role directory structure](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html)
+  - The main code is found in [`tasks/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/tasks/).
+  - Variables can be found in [`defaults/main/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/defaults/main/).
+  - "Constant" variables can be found in [`vars/main.yml`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/vars/main.yml).
+  - Configuration templates for NGINX can be found in [`templates/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/templates/).
+  - [Molecule](https://molecule.readthedocs.io/) tests can be found in [`molecule/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/molecule/).
+  - CI/CD is done via GitHub actions using the workflow files found in [`.github/workflows/`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/.github/workflows/).
 
 ## Contributing
 
@@ -48,8 +48,8 @@ To suggest a feature or enhancement, please create an issue on GitHub with the l
 
 ### Open a Pull Request
 
-* Fork the repo, create a branch, implement your changes, add any relevant Molecule tests, submit a PR when your changes are **tested** (using Molecule) and ready for review.
-* Fill in [our pull request template](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/.github/pull_request_template.md).
+- Fork the repo, create a branch, implement your changes, add any relevant Molecule tests, submit a PR when your changes are **tested** (using Molecule) and ready for review.
+- Fill in [our pull request template](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/.github/pull_request_template.md).
 
 Note: if you'd like to implement a new feature, please consider creating a feature request issue first to start a discussion about the feature.
 
@@ -57,18 +57,18 @@ Note: if you'd like to implement a new feature, please consider creating a featu
 
 ### Ansible Guidelines
 
-* Run `molecule lint` over your code to automatically resolve a lot of `yaml` and Ansible style issues.
-* Run `molecule test` on your code before you submit a PR to catch any potential issues. If you are testing a specific molecule scenario, run `molecule test -s <scenario>`. You will need to procure an NGINX App Protect license (check out the [NGINX Plus developer license FAQ](https://www.nginx.com/developer-license-faqs/) to find out how to request one).
-* Follow these guides on some good practices for Ansible:
-  * <https://www.ansible.com/blog/ansible-best-practices-essentials>
-  * <https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html>
+- Run `molecule lint` over your code to automatically resolve a lot of `yaml` and Ansible style issues.
+- Run `molecule test` on your code before you submit a PR to catch any potential issues. If you are testing a specific molecule scenario, run `molecule test -s <scenario>`. You will need to procure an NGINX App Protect license (check out the [NGINX Plus developer license FAQ](https://www.nginx.com/developer-license-faqs/) to find out how to request one).
+- Follow these guides on some good practices for Ansible:
+  - <https://www.ansible.com/blog/ansible-best-practices-essentials>
+  - <https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html>
 
 ### Git Guidelines
 
-* Keep a clean, concise and meaningful git commit history on your branch (within reason), rebasing locally and squashing before submitting a PR
-* Follow the guidelines of writing a good commit message as described here <https://chris.beams.io/posts/git-commit/> and summarised in the next few points
-  * In the subject line, use the present tense ("Add feature" not "Added feature")
-  * In the subject line, use the imperative mood ("Move cursor to..." not "Moves cursor to...")
-  * Limit the subject line to 72 characters or less
-  * Reference issues and pull requests liberally after the subject line
-  * Add more detailed description in the body of the git message (`git commit -a` to give you more space and time in your text editor to write a good message instead of `git commit -am`)
+- Keep a clean, concise and meaningful git commit history on your branch (within reason), rebasing locally and squashing before submitting a PR
+- Follow the guidelines of writing a good commit message as described here <https://chris.beams.io/posts/git-commit/> and summarised in the next few points
+  - In the subject line, use the present tense ("Add feature" not "Added feature")
+  - In the subject line, use the imperative mood ("Move cursor to..." not "Moves cursor to...")
+  - Limit the subject line to 72 characters or less
+  - Reference issues and pull requests liberally after the subject line
+  - Add more detailed description in the body of the git message (`git commit -a` to give you more space and time in your text editor to write a good message instead of `git commit -am`)
diff --git a/README.md b/README.md
index 984253b7..d9c43ab0 100644
--- a/README.md
+++ b/README.md
@@ -20,8 +20,8 @@ If you wish to install NGINX App Protect WAF or NGINX App Protect DoS using this
 
 ### Ansible
 
-* This role is developed and tested with [maintained](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html) versions of Ansible core (above `2.12`).
-* When using Ansible core, you will also need to install the following collections:
+- This role is developed and tested with [maintained](https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html) versions of Ansible core (above `2.12`).
+- When using Ansible core, you will also need to install the following collections:
 
     ```yaml
     ---
@@ -37,18 +37,18 @@ If you wish to install NGINX App Protect WAF or NGINX App Protect DoS using this
     ```
 
     **Note:** You can alternatively install the Ansible community distribution (what is known as the "old" Ansible) if you don't want to manage individual collections.
-* Instructions on how to install Ansible can be found in the [Ansible website](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#upgrading-ansible-from-version-2-9-and-older-to-version-2-10-or-later).
+- Instructions on how to install Ansible can be found in the [Ansible website](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#upgrading-ansible-from-version-2-9-and-older-to-version-2-10-or-later).
 
 ### Jinja2
 
-* This role uses Jinja2 templates. Ansible core installs Jinja2 by default, but depending on your install and/or upgrade path, you might be running an outdated version of Jinja2. The minimum version of Jinja2 required for the role to properly function is `2.11`.
-* Instructions on how to install Jinja2 can be found in the [Jinja2 website](https://jinja.palletsprojects.com/en/2.11.x/intro/#installation).
+- This role uses Jinja2 templates. Ansible core installs Jinja2 by default, but depending on your install and/or upgrade path, you might be running an outdated version of Jinja2. The minimum version of Jinja2 required for the role to properly function is `3.1`.
+- Instructions on how to install Jinja2 can be found in the [Jinja2 website](https://jinja.palletsprojects.com/en/2.11.x/intro/#installation).
 
 ### Molecule (Optional)
 
-* Molecule is used to test the various functionalities of the role. The recommended version of Molecule to test this role is `3.3`.
-* Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/latest/installation.html). *You will also need to install the Molecule Docker driver.*
-* To run the Molecule tests, you must copy your NGINX App Protect license to the role's [`files/license`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/files/license/) folder.
+- Molecule is used to test the various functionalities of the role. The recommended version of Molecule to test this role is `4.x`.
+- Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/latest/installation.html). *You will also need to install the Molecule Docker driver.*
+- To run the Molecule tests, you must copy your NGINX App Protect license to the role's [`files/license`](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/files/license/) folder.
 
   You can alternatively add your NGINX App Protect repository certificate and key to the local environment. Run the following commands to export these files as base64-encoded variables and execute the Molecule tests:
 
@@ -62,11 +62,25 @@ If you wish to install NGINX App Protect WAF or NGINX App Protect DoS using this
 
 ### Ansible Galaxy
 
-Use `ansible-galaxy install nginxinc.nginx_app_protect` to install the latest stable release of the role on your system.
+To install the latest stable release of the role on your system, use:
+
+```bash
+ansible-galaxy install nginxinc.nginx_app_protect
+```
+
+Alternatively, if you have already installed the role, update the role to the latest release:
+
+```bash
+ansible-galaxy install -f nginxinc.nginx_app_protect
+```
 
 ### Git
 
-Use `git clone https://github.com/nginxinc/ansible-role-nginx-app-protect.git` to pull the latest edge commit of the role from GitHub.
+To pull the latest edge commit of the role from GitHub, use:
+
+```bash
+git clone https://github.com/nginxinc/ansible-role-nginx-app-protect.git
+```
 
 ## Platforms
 
@@ -89,8 +103,6 @@ Ubuntu:
   - focal (20.04)
 ```
 
-**Note:** Due to a packaging limitation in NGINX App Protect on Alpine, it may be required to explicitly install NGINX Plus on the instance **before** using the NGINX App Protect role if a hotfix version of NGINX Plus has been published. It is recommended to use the [NGINX Core](https://galaxy.ansible.com/nginxinc/nginx_core) Ansible role for this purpose.
-
 ### NGINX App Protect DoS
 
 The NGINX App Protect Ansible role supports all platforms supported by [NGINX Plus](https://www.nginx.com/products/technical-specs/) that intersect with the following list of distributions of App Protect DoS:
@@ -127,7 +139,7 @@ Similarly, descriptions and defaults for preset variables can be found in the **
 
 ## Dependencies
 
-* If NGINX Plus is *not* already installed on the system, this role will install the version of NGINX Plus that is dependent on the version of NGINX App Protect that is being installed.
+If NGINX Plus is *not* already installed on the system, this role will install the version of NGINX Plus that is dependent on the version of NGINX App Protect that is being installed.
 
 ## Example Playbook
 
diff --git a/SUPPORT.md b/SUPPORT.md
new file mode 100644
index 00000000..424be26e
--- /dev/null
+++ b/SUPPORT.md
@@ -0,0 +1,33 @@
+# Support
+
+We use GitHub for tracking bugs and feature requests related to the Ansible NGINX App Protect role.
+
+## Ask a Question
+
+Don't know how something works? Curious if the Ansible NGINX App Protect role can achieve your desired functionality? Please open an issue on GitHub with the label `question`.
+
+## NGINX Specific Questions and/or Issues
+
+This isn't the right place to get support for NGINX specific questions, but the following resources are available below. Thanks for your understanding!
+
+### Community Slack
+
+We have a community [Slack](https://nginxcommunity.slack.com/)!
+
+If you are not a member click [here](https://community.nginx.org/joinslack) to sign up (and let us know if the link does not seem to be working!)
+
+Once you join, check out the `#beginner-questions` and `nginx-users` channels :)
+
+### Documentation
+
+For a comprehensive list of all NGINX directives, check out <https://nginx.org>.
+
+For a comprehensive list of admin and deployment guides for all NGINX products, check out <https://docs.nginx.com>.
+
+### Mailing List
+
+Want to get in touch with the NGINX development team directly? Try using the relevant mailing list found at <https://mailman.nginx.org/mailman3/lists/>!
+
+## Contributing
+
+Please see the [contributing guide](https://github.com/nginxinc/ansible-role-nginx-app-protect/blob/main/CONTRIBUTING.md) for guidelines on how to best contribute to this project.
diff --git a/meta/main.yml b/meta/main.yml
index 5911eb49..af179506 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -7,7 +7,7 @@ galaxy_info:
 
   license: Apache License, Version 2.0
 
-  min_ansible_version: '2.12'
+  min_ansible_version: "2.12"
 
   platforms:
     - name: Alpine
@@ -15,7 +15,7 @@ galaxy_info:
     - name: Amazon Linux 2
       versions: [all]
     - name: EL
-      versions: ['7', '8']
+      versions: ["7", "8"]
     - name: Debian
       versions: [bullseye]
     - name: Ubuntu
diff --git a/molecule/default/files/test-log-profile.json b/molecule/default/files/test-log-profile.json
index ad039bae..28a98ba3 100644
--- a/molecule/default/files/test-log-profile.json
+++ b/molecule/default/files/test-log-profile.json
@@ -1,10 +1,10 @@
 {
-    "filter": {
-        "request_type": "all"
-    },
-    "content": {
-        "format": "splunk",
-        "max_request_size": "any",
-        "max_message_size": "10k"
-    }
+  "filter": {
+    "request_type": "all"
+  },
+  "content": {
+    "format": "splunk",
+    "max_request_size": "any",
+    "max_message_size": "10k"
+  }
 }
diff --git a/molecule/default/files/test-security-policy.json b/molecule/default/files/test-security-policy.json
index f440886a..25630d04 100644
--- a/molecule/default/files/test-security-policy.json
+++ b/molecule/default/files/test-security-policy.json
@@ -1,8 +1,8 @@
 {
-    "policy" : {
-        "name": "app_protect_default_policy",
-        "template": {
-            "name": "POLICY_TEMPLATE_NGINX_BASE"
-        }
+  "policy": {
+    "name": "app_protect_default_policy",
+    "template": {
+      "name": "POLICY_TEMPLATE_NGINX_BASE"
     }
+  }
 }