split template descriptions from guides

README.md

@@ -18,6 +18,8 @@ All templates live under [library](library):
 Each template directory uses JSON metadata:
 
 - `template.json` for template metadata and variable contract
+- `metadata.description` for a short plain-text summary
+- `metadata.guide` for detailed markdown usage instructions
 - `files/` for rendered source files
 
 ## Notes

library/ansible/checkmk-install-agent/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Install Checkmk Agent",
-    "description": "Installs and registers the Checkmk monitoring agent on target hosts using the `checkmk.general.agent` Ansible role.\n## References\n- [Checkmk Ansible Collection](https://github.com/Checkmk/ansible-collection-checkmk.general)\n- [Checkmk Documentation](https://docs.checkmk.com/)\n## Pre-Requisites\n- A running Checkmk server with API access\n- Automation user credentials configured on the Checkmk server",
+    "description": "Installs and registers the Checkmk monitoring agent on target hosts using the checkmk.general.agent Ansible role.",
+    "guide": "## Overview\nInstalls and registers the Checkmk monitoring agent on target hosts using the `checkmk.general.agent` Ansible role.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts; required.\n\n### Checkmk Configuration\n- `checkmk_server`: Checkmk Server; required.\n- `checkmk_protocol`: Checkmk Server Protocol; required; default: https.\n- `checkmk_site`: Checkmk Site; required; default: cmk.\n- `checkmk_auto_activate`: Auto Activate Agent; optional.\n- `checkmk_tls`: Use TLS for Agent Communication; optional.\n- `checkmk_user`: Checkmk Automation User; required.\n- `checkmk_pass`: Checkmk Automation User Password; required.\n- `checkmk_host`: Checkmk Host Name; required.\n\n## References\n- [Checkmk Ansible Collection](https://github.com/Checkmk/ansible-collection-checkmk.general)\n- [Checkmk Documentation](https://docs.checkmk.com/)\n## Pre-Requisites\n- A running Checkmk server with API access\n- Automation user credentials configured on the Checkmk server",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "2.4.0",

library/ansible/checkmk-manage-host/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Manage Checkmk Host",
-    "description": "Manages host entries in Checkmk monitoring using the `checkmk.general.host` Ansible module. Creates or updates host configuration in your Checkmk instance.\n## References\n- [Checkmk Ansible Collection](https://github.com/Checkmk/ansible-collection-checkmk.general)\n- [Checkmk Documentation](https://docs.checkmk.com/)\n## Pre-Requisites\n- A running Checkmk server with API access\n- Automation user credentials configured on the Checkmk server",
+    "description": "Manages host entries in Checkmk monitoring using the checkmk.general.host Ansible module. Creates or updates host configuration in your Checkmk instance.",
+    "guide": "## Overview\nManages host entries in Checkmk monitoring using the `checkmk.general.host` Ansible module. Creates or updates host configuration in your Checkmk instance.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts or group; required.\n\n### Checkmk Configuration\n- `checkmk_server`: Checkmk Server; required.\n- `checkmk_protocol`: Checkmk Server Protocol; required; default: https.\n- `checkmk_site`: Checkmk Site; required; default: cmk.\n- `checkmk_user`: Checkmk Automation User; required.\n- `checkmk_pass`: Checkmk Automation User Password; required.\n\n### Host Configuration\n- `host_name`: Hostname to add to Checkmk; required.\n- `host_ip`: IP address of the host; required.\n- `host_folder`: Folder path in Checkmk; required; default: /.\n\n## References\n- [Checkmk Ansible Collection](https://github.com/Checkmk/ansible-collection-checkmk.general)\n- [Checkmk Documentation](https://docs.checkmk.com/)\n## Pre-Requisites\n- A running Checkmk server with API access\n- Automation user credentials configured on the Checkmk server",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "2.4.0",

library/ansible/docker-certs-enable/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Enable Docker TLS",
-    "description": "Enables TLS on the Docker daemon using existing certificates. Configures Docker for secure remote API access over an encrypted connection.\n## References\n- [Docker TLS Documentation](https://docs.docker.com/engine/security/protect-access/)\n## Pre-Requisites\n- TLS certificates must already be generated (use the `docker-certs` template first)",
+    "description": "Enables TLS on the Docker daemon using existing certificates. Configures Docker for secure remote API access over an encrypted connection.",
+    "guide": "## Overview\nEnables TLS on the Docker daemon using existing certificates. Configures Docker for secure remote API access over an encrypted connection.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts; required.\n- `playbook_name`: Playbook Name; optional; default: Docker Certs enable.\n- `become`: Become; optional; default: true.\n- `secrets_file`: Secrets File; optional.\n\n### Certificate Configuration\n- `certs_path`: Path where certificates are stored; optional; default: /root/docker-certs.\n\n## References\n- [Docker TLS Documentation](https://docs.docker.com/engine/security/protect-access/)\n## Pre-Requisites\n- TLS certificates must already be generated (use the `docker-certs` template first)",
     "author": "Christian Lempa",
     "template_version": "1.0.0",
     "icon": {

library/ansible/docker-certs/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Generate Docker TLS Certificates",
-    "description": "Generates TLS certificates for the Docker daemon, including CA, server, and client certificates. Used to secure Docker remote API access.\n## References\n- [Docker TLS Documentation](https://docs.docker.com/engine/security/protect-access/)",
+    "description": "Generates TLS certificates for the Docker daemon, including CA, server, and client certificates. Used to secure Docker remote API access.",
+    "guide": "## Overview\nGenerates TLS certificates for the Docker daemon, including CA, server, and client certificates. Used to secure Docker remote API access.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts; required.\n- `playbook_name`: Playbook Name; optional; default: Docker Certs.\n- `become`: Become; optional; default: true.\n- `secrets_file`: Secrets File; optional.\n\n### Certificate Configuration\n- `certs_path`: Path where certificates will be stored; optional; default: /root/docker-certs.\n- `cert_validity_days`: Certificate validity period in days; optional; default: 3650.\n- `cn_domain`: Common Name (CN) for the CA certificate; optional; default: your-domain.tld.\n\n## References\n- [Docker TLS Documentation](https://docs.docker.com/engine/security/protect-access/)",
     "author": "Christian Lempa",
     "template_version": "1.0.0",
     "icon": {

library/ansible/docker-cleanup/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Cleanup",
-    "description": "Safely prunes Docker resources on target hosts. Only removes resources that are explicitly enabled in the configuration, keeping a conservative default.\n## References\n- [Docker System Prune](https://docs.docker.com/engine/reference/commandline/system_prune/)\n## Notes\n### Variables\n- `prune_include_unused_tagged_images` - By default only dangling (untagged) images are removed. Enable this to also prune unused tagged images.",
+    "description": "Safely prunes Docker resources on target hosts. Only removes resources that are explicitly enabled in the configuration, keeping a conservative default.",
+    "guide": "## Overview\nSafely prunes Docker resources on target hosts. Only removes resources that are explicitly enabled in the configuration, keeping a conservative default.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Prune Options\n- `prune_include_unused_tagged_images`: Enable pruning of unused tagged images in addition to dangling images; optional; default: false.\n- `prune_stopped_containers`: Remove stopped containers; optional; default: false.\n- `prune_unused_volumes`: Remove unused volumes; optional; default: false.\n- `prune_unused_networks`: Remove unused networks; optional; default: false.\n- `prune_builder_cache`: Remove unused build cache; optional; default: false.\n- `prune_keep_storage_mb`: Minimum amount of cache/storage to keep when pruning (where supported); optional; default: 1024.\n\n## References\n- [Docker System Prune](https://docs.docker.com/engine/reference/commandline/system_prune/)\n## Notes\n### Variables\n- `prune_include_unused_tagged_images` - By default only dangling (untagged) images are removed. Enable this to also prune unused tagged images.",
     "tags": [
       "docker",
       "cleanup",

library/ansible/docker-disk-usage-report/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Disk Usage Report",
-    "description": "Generates a Docker disk usage report on target hosts and optionally sends a summary to Discord via webhook.\n## References\n- [Docker System DF](https://docs.docker.com/reference/cli/docker/system/df/)",
+    "description": "Generates a Docker disk usage report on target hosts and optionally sends a summary to Discord via webhook.",
+    "guide": "## Overview\nGenerates a Docker disk usage report on target hosts and optionally sends a summary to Discord via webhook.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Report\n- `include_verbose_report`: Include docker system df -v output in local report; optional; default: false.\n\n### Discord Webhook\n- `discord_enabled`: Send a short report to Discord webhook; optional; default: false.\n- `discord_webhook_url`: Discord webhook endpoint URL; optional.\n- `discord_username`: Sender name for webhook message; optional; default: Docker Reporter.\n- `discord_message_prefix`: Prefix line sent before report content; optional; default: Docker Disk Usage Report.\n\n### Internal\n- `docker_df_verbose`: Docker DF Verbose; optional.\n- `report_file_name`: Report File Name; optional.\n- `report_root`: Report Root; optional; default: /opt/docker-reports.\n- `docker_disk_usage_report_body`: Disk Usage Report Body; optional.\n- `discord_disk_report_content`: Discord Disk Report Content; optional.\n- `inventory_hostname`: Inventory Hostname; optional.\n- `report_timestamp`: Report Timestamp; optional.\n- `docker_df_summary`: Docker DF Summary; optional.\n\n## References\n- [Docker System DF](https://docs.docker.com/reference/cli/docker/system/df/)",
     "tags": [
       "docker",
       "report",

library/ansible/docker-healthcheck-audit/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Healthcheck Audit",
-    "description": "Audits Docker containers for missing healthchecks and optionally fails the playbook when violations are found. Can save a JSON audit report to the target host.\n## References\n- [Docker HEALTHCHECK](https://docs.docker.com/engine/reference/builder/#healthcheck)",
+    "description": "Audits Docker containers for missing healthchecks and optionally fails the playbook when violations are found. Can save a JSON audit report to the target host.",
+    "guide": "## Overview\nAudits Docker containers for missing healthchecks and optionally fails the playbook when violations are found. Can save a JSON audit report to the target host.\n\n## How to Use\nThis template renders `playbook.yml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Audit\n- `audit_fail_on_missing`: Fail the play if one or more containers are missing a healthcheck; optional; default: false.\n- `audit_save_report`: Save audit report to a JSON file on the target host; optional; default: true.\n- `audit_report_path`: Path to store the generated JSON report; optional; default: /tmp/docker-healthcheck-audit.json.\n\n### Internal\n- `containers_missing_healthcheck`: Containers Missing Healthcheck; optional.\n- `docker_healthcheck_audit_report`: Healthcheck Audit Report; optional.\n- `docker_host_info`: Docker Host Info; optional.\n\n## References\n- [Docker HEALTHCHECK](https://docs.docker.com/engine/reference/builder/#healthcheck)",
     "tags": [
       "docker",
       "audit",

library/ansible/docker-install-ubuntu/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Install Docker on Ubuntu",
-    "description": "Installs Docker Engine on Ubuntu systems using the official Docker APT repository.\n## References\n- [Docker Engine Install (Ubuntu)](https://docs.docker.com/engine/install/ubuntu/)\n- [Docker Documentation](https://docs.docker.com/)",
+    "description": "Installs Docker Engine on Ubuntu systems using the official Docker APT repository.",
+    "guide": "## Overview\nInstalls Docker Engine on Ubuntu systems using the official Docker APT repository.\n\n## How to Use\nThis template renders `main.yml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Post-Install\n- `add_user_to_docker`: Add a user to the docker group; optional; default: false.\n- `user`: Username to add to docker group; optional; shown when: add_user_to_docker=true.\n\n## References\n- [Docker Engine Install (Ubuntu)](https://docs.docker.com/engine/install/ubuntu/)\n- [Docker Documentation](https://docs.docker.com/)",
     "author": "Christian Lempa",
     "icon": {
       "provider": "simple-icons",

library/ansible/docker-mysql-backup/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker MySQL Backup",
-    "description": "Connects to a named MySQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.\n## References\n- [mysqldump Documentation](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html)\n## Notes\n### Variables\n- `mysql_database` - Set to `all` to dump all databases using `mysqldump --all-databases`.",
+    "description": "Connects to a named MySQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.",
+    "guide": "## Overview\nConnects to a named MySQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Backup\n- `container_name`: Name of the MySQL container; required.\n- `mysql_user`: Database user for mysqldump; optional; default: root.\n- `mysql_password`: Optional database password; optional.\n- `mysql_database`: Database to dump, or 'all' for all databases; optional; default: all.\n- `backup_retention_days`: Delete backup archives older than this many days; optional; default: 14.\n\n### Notification\n- `send_discord_notification`: Send success/failure status to Discord webhook; optional; default: false.\n- `discord_webhook`: Discord webhook URL for notifications; optional.\n\n### Internal\n- `backup_file_name`: Backup File Name; optional.\n- `backup_root`: Backup Root; optional; default: /opt/docker-db-backups/mysql.\n- `ansible_failed_result`: Failed Result; optional.\n- `backup_timestamp`: Backup Timestamp; optional.\n- `old_backups`: Old Backups; optional.\n- `backup_status`: Backup Status; optional.\n- `inventory_hostname`: Inventory Hostname; optional.\n- `backup_file_path`: Backup File Path; optional.\n- `item`: Loop Item; optional.\n- `backup_status_message`: Backup Status Message; optional.\n\n## References\n- [mysqldump Documentation](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html)\n## Notes\n### Variables\n- `mysql_database` - Set to `all` to dump all databases using `mysqldump --all-databases`.",
     "tags": [
       "docker",
       "backup",

library/ansible/docker-orphan-detection/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Orphan Detection",
-    "description": "Detects orphaned Docker resources (dead/exited containers, dangling images, volumes, and networks) and optionally sends a report to Discord via webhook.\n## References\n- [Docker System Commands](https://docs.docker.com/reference/cli/docker/system/)",
+    "description": "Detects orphaned Docker resources (dead/exited containers, dangling images, volumes, and networks) and optionally sends a report to Discord via webhook.",
+    "guide": "## Overview\nDetects orphaned Docker resources (dead/exited containers, dangling images, volumes, and networks) and optionally sends a report to Discord via webhook.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Discord Webhook\n- `discord_enabled`: Send orphan detection summary to Discord webhook; optional; default: false.\n- `discord_webhook_url`: Discord webhook endpoint URL; optional.\n- `discord_username`: Sender name for webhook message; optional; default: Docker Reporter.\n- `discord_message_prefix`: Prefix line sent before report content; optional; default: Docker Orphan Detection Report.\n\n### Internal\n- `report_root`: Report Root; optional; default: /opt/docker-reports.\n- `orphan_dead_containers`: Orphan Dead Containers; optional.\n- `orphan_dangling_images`: Orphan Dangling Images; optional.\n- `orphan_dangling_volumes`: Orphan Dangling Volumes; optional.\n- `docker_orphan_report_body`: Orphan Report Body; optional.\n- `report_timestamp`: Report Timestamp; optional.\n- `orphan_exited_containers`: Orphan Exited Containers; optional.\n- `orphan_dangling_networks`: Orphan Dangling Networks; optional.\n- `report_file_name`: Report File Name; optional.\n- `discord_orphan_report_content`: Discord Orphan Report Content; optional.\n- `inventory_hostname`: Inventory Hostname; optional.\n\n## References\n- [Docker System Commands](https://docs.docker.com/reference/cli/docker/system/)",
     "tags": [
       "docker",
       "audit",

library/ansible/docker-postgres-backup/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Postgres Backup",
-    "description": "Connects to a named PostgreSQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.\n## References\n- [pg_dump Documentation](https://www.postgresql.org/docs/current/app-pgdump.html)\n## Notes\n### Variables\n- `postgres_database` - Set to `all` to dump all databases using `pg_dumpall`.",
+    "description": "Connects to a named PostgreSQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.",
+    "guide": "## Overview\nConnects to a named PostgreSQL container and creates compressed SQL dumps with configurable retention. Supports optional Discord notifications on success or failure.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Backup\n- `container_name`: Name of the PostgreSQL container; required.\n- `postgres_user`: Database user for pg_dump/pg_dumpall; optional; default: postgres.\n- `postgres_password`: Optional database password; optional.\n- `postgres_database`: Database to dump, or 'all' for all databases; optional; default: all.\n- `backup_retention_days`: Delete backup archives older than this many days; optional; default: 14.\n\n### Notification\n- `send_discord_notification`: Send success/failure status to Discord webhook; optional; default: false.\n- `discord_webhook`: Discord webhook URL for notifications; optional.\n\n### Internal\n- `backup_status`: Backup Status; optional.\n- `inventory_hostname`: Inventory Hostname; optional.\n- `backup_timestamp`: Backup Timestamp; optional.\n- `item`: Loop Item; optional.\n- `backup_file_path`: Backup File Path; optional.\n- `old_backups`: Old Backups; optional.\n- `backup_root`: Backup Root; optional; default: /opt/docker-db-backups/postgres.\n- `backup_file_name`: Backup File Name; optional.\n- `ansible_failed_result`: Failed Result; optional.\n- `backup_status_message`: Backup Status Message; optional.\n\n## References\n- [pg_dump Documentation](https://www.postgresql.org/docs/current/app-pgdump.html)\n## Notes\n### Variables\n- `postgres_database` - Set to `all` to dump all databases using `pg_dumpall`.",
     "tags": [
       "docker",
       "backup",

library/ansible/docker-volume-backup/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Docker Volume Backup",
-    "description": "Backs up data from a Docker container path by auto-attaching all container volumes into a temporary backup container. Creates timestamped tar.gz archives with configurable retention.\n## References\n- [Docker Volumes](https://docs.docker.com/storage/volumes/)\n## Notes\n### Variables\n- `stop_containers_during_backup` - When enabled, stops the container before backup and restarts it afterwards. Recommended for databases and stateful applications to ensure data consistency.",
+    "description": "Backs up data from a Docker container path by auto-attaching all container volumes into a temporary backup container. Creates timestamped tar.gz archives with configurable retention.",
+    "guide": "## Overview\nBacks up data from a Docker container path by auto-attaching all container volumes into a temporary backup container. Creates timestamped tar.gz archives with configurable retention.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### Backup\n- `container_name`: Name of the Docker container to back up; required.\n- `backup_retention_days`: Delete backup archives older than this many days; optional; default: 14.\n- `backup_container_path`: Path inside the container that should be archived; required.\n- `stop_containers_during_backup`: If enabled, stop the container before backup and start it again afterwards if it was running; optional; default: false.\n\n### Internal\n- `backup_timestamp`: Backup Timestamp; optional.\n- `backup_root`: Backup Root; optional; default: /opt/docker-volume-backups.\n- `backup_archive_name`: Backup Archive Name; optional.\n- `item`: Loop Item; optional.\n- `old_backups`: Old Backups; optional.\n\n## References\n- [Docker Volumes](https://docs.docker.com/storage/volumes/)\n## Notes\n### Variables\n- `stop_containers_during_backup` - When enabled, stops the container before backup and restarts it afterwards. Recommended for databases and stateful applications to ensure data consistency.",
     "tags": [
       "docker",
       "backup",

library/ansible/ubuntu-add-sshkey/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Add SSH Key and Configure Sudoers",
-    "description": "Adds an SSH public key to `authorized_keys` on target hosts and configures passwordless sudo for the sudo group.\n## References\n- [OpenSSH Manual](https://www.openssh.com/manual.html)",
+    "description": "Adds an SSH public key to authorized_keys on target hosts and configures passwordless sudo for the sudo group.",
+    "guide": "## Overview\nAdds an SSH public key to `authorized_keys` on target hosts and configures passwordless sudo for the sudo group.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts; required.\n- `playbook_name`: Playbook Name; optional; default: Add ssh key.\n- `become`: Become; optional; default: true.\n- `secrets_file`: Secrets File; optional.\n\n## References\n- [OpenSSH Manual](https://www.openssh.com/manual.html)",
     "author": "Christian Lempa",
     "template_version": "1.0.0",
     "icon": {

library/ansible/ubuntu-apt-update/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Update and Upgrade Ubuntu Packages",
-    "description": "Runs `apt update` and `dist-upgrade` on Ubuntu systems to update all installed packages to their latest versions.\n## References\n- [Ubuntu Server Documentation](https://ubuntu.com/server/docs)",
+    "description": "Runs apt update and dist-upgrade on Ubuntu systems to update all installed packages to their latest versions.",
+    "guide": "## Overview\nRuns `apt update` and `dist-upgrade` on Ubuntu systems to update all installed packages to their latest versions.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `playbook_name`: Playbook Name; optional; default: Update and upgrade apt packages.\n- `target_hosts`: Target Hosts; optional; default: all.\n- `become`: Become; optional; default: false.\n- `secrets_file`: Secrets File; optional.\n\n## References\n- [Ubuntu Server Documentation](https://ubuntu.com/server/docs)",
     "author": "Christian Lempa",
     "template_version": "1.0.0",
     "icon": {

library/ansible/ubuntu-vm-core/template.json

@@ -4,7 +4,8 @@
   "kind": "ansible",
   "metadata": {
     "name": "Install Ubuntu VM Core Packages",
-    "description": "Installs essential packages for Ubuntu virtual machines, including Prometheus node exporter, NFS client utilities, and QEMU guest agent.\n## References\n- [Ubuntu Server Documentation](https://ubuntu.com/server/docs)\n- [Prometheus Node Exporter](https://github.com/prometheus/node_exporter)",
+    "description": "Installs essential packages for Ubuntu virtual machines, including Prometheus node exporter, NFS client utilities, and QEMU guest agent.",
+    "guide": "## Overview\nInstalls essential packages for Ubuntu virtual machines, including Prometheus node exporter, NFS client utilities, and QEMU guest agent.\n\n## How to Use\nThis template renders `playbook.yaml` as a file.\n\n1. Review the target hosts and authentication settings first.\n2. Fill in the required variables for the task you want to automate, then adjust optional safety or notification settings as needed.\n3. Render the playbook and run it against the intended inventory after validating the values for your environment.\n\n## Variable Guide\n### General\n- `target_hosts`: Target hosts; required.\n- `playbook_name`: Playbook Name; optional; default: Install core packages for virtual machines.\n- `become`: Become; optional; default: true.\n- `secrets_file`: Secrets File; optional.\n\n## References\n- [Ubuntu Server Documentation](https://ubuntu.com/server/docs)\n- [Prometheus Node Exporter](https://github.com/prometheus/node_exporter)",
     "author": "Christian Lempa",
     "template_version": "1.0.0",
     "icon": {

library/bash/test-bash-1/template.json

@@ -4,7 +4,8 @@
   "kind": "bash",
   "metadata": {
     "name": "Test Bash 1",
-    "description": "Example Bash script template that displays a configurable greeting message.\n## References\n- [Bash Reference Manual](https://www.gnu.org/software/bash/manual/bash.html)",
+    "description": "Example Bash script template that displays a configurable greeting message.",
+    "guide": "## Overview\nExample Bash script template that displays a configurable greeting message.\n\n## How to Use\nThis template renders `main.sh` as a file.\n\n1. Set the required script inputs first, then adjust optional behavior flags if the template exposes them.\n2. Render the script and review the generated shell commands before running it in your environment.\n3. Execute the script with the expected shell and permissions for the target system.\n\n## Variable Guide\n### General\n- `text`: The text that will be displayed in the greeting message.; required; default: World.\n\n## References\n- [Bash Reference Manual](https://www.gnu.org/software/bash/manual/bash.html)",
     "tags": [
       "demo"
     ],

library/compose/checkmk/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Checkmk",
-    "description": "Comprehensive IT monitoring solution for infrastructure, applications, and services. Provides real-time health and performance insights with server, network, cloud, and application monitoring.\n## References\n- [Checkmk](https://checkmk.com/)\n- [Documentation](https://docs.checkmk.com/latest/en/)\n- [GitHub](https://github.com/tribe29/checkmk)",
+    "description": "Comprehensive IT monitoring solution for infrastructure, applications, and services. Provides real-time health and performance insights with server, network, cloud, and application monitoring.",
+    "guide": "## Overview\nComprehensive IT monitoring solution for infrastructure, applications, and services. Provides real-time health and performance insights with server, network, cloud, and application monitoring.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: checkmk.\n- `container_timezone`: Container Timezone; optional.\n- `user_uid`: User Uid; optional; default: 1000.\n- `user_gid`: User Gid; optional; default: 1000.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `cmk_password`: CheckMK admin password; required.\n- `cmk_site_id`: CheckMK site ID; required; default: cmk.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: checkmk.\n- `traefik_network`: Traefik Network; required; default: traefik.\n- `traefik_domain`: Traefik Domain; required; default: home.arpa.\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n\n### Ports\n- `ports_http`: Ports Http; optional; default: 8000.\n- `ports_agent`: Agent port; required; default: 5000.\n- `ports_snmp`: SNMP trap port; required; default: 162.\n\n### Traefik TLS\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; required; default: cloudflare.\n- `traefik_tls_enabled`: Enable Traefik TLS; optional; default: false.\n\n## References\n- [Checkmk](https://checkmk.com/)\n- [Documentation](https://docs.checkmk.com/latest/en/)\n- [GitHub](https://github.com/tribe29/checkmk)",
     "tags": [
       "traefik"
     ],

library/compose/dockge/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Dockge",
-    "description": "Web-based Docker Compose stack manager with a clean UI for creating, editing, starting, and stopping compose stacks directly from the browser.\n## References\n- [Dockge](https://dockge.kuma.pet/)\n- [GitHub](https://github.com/louislam/dockge)",
+    "description": "Web-based Docker Compose stack manager with a clean UI for creating, editing, starting, and stopping compose stacks directly from the browser.",
+    "guide": "## Overview\nWeb-based Docker Compose stack manager with a clean UI for creating, editing, starting, and stopping compose stacks directly from the browser.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: dockge.\n- `container_timezone`: Container Timezone; optional.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `stacks_path`: Docker Compose Path; required; default: /opt/stacks.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: dockge.\n- `traefik_network`: Traefik Network; required; default: traefik.\n- `traefik_domain`: Traefik Domain; required; default: home.arpa.\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n\n### Traefik TLS\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; required; default: cloudflare.\n- `traefik_tls_enabled`: Enable Traefik TLS; optional; default: false.\n\n### Ports\n- `ports_http`: Ports Http; optional; default: 5001.\n\n## References\n- [Dockge](https://dockge.kuma.pet/)\n- [GitHub](https://github.com/louislam/dockge)",
     "tags": [
       "traefik"
     ],

library/compose/gitlab-runner/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Gitlab-Runner",
-    "description": "CI/CD build runner for GitLab pipelines. Executes jobs defined in `.gitlab-ci.yml` using the Docker executor.\n## References\n- [GitLab Runner](https://docs.gitlab.com/runner/)\n- [GitHub](https://github.com/gitlab/gitlab-runner)\n## Pre-Requisites\n- A running GitLab instance with a runner registration token",
+    "description": "CI/CD build runner for GitLab pipelines. Executes jobs defined in .gitlab-ci.yml using the Docker executor.",
+    "guide": "## Overview\nCI/CD build runner for GitLab pipelines. Executes jobs defined in `.gitlab-ci.yml` using the Docker executor.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: gitlab-runner.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n\n## References\n- [GitLab Runner](https://docs.gitlab.com/runner/)\n- [GitHub](https://github.com/gitlab/gitlab-runner)\n## Pre-Requisites\n- A running GitLab instance with a runner registration token",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "alpine-v17.9.1",

library/compose/homeassistant/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Homeassistant",
-    "description": "Open-source smart home automation platform that puts local control and privacy first. Supports thousands of devices and integrations.\n## References\n- [Home Assistant](https://www.home-assistant.io/)\n- [Documentation](https://www.home-assistant.io/docs/)",
+    "description": "Open-source smart home automation platform that puts local control and privacy first. Supports thousands of devices and integrations.",
+    "guide": "## Overview\nOpen-source smart home automation platform that puts local control and privacy first. Supports thousands of devices and integrations.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `container_name`: Container Name; optional; default: homeassistant.\n- `service_name`: Service Name; optional; default: homeassistant.\n\n## References\n- [Home Assistant](https://www.home-assistant.io/)\n- [Documentation](https://www.home-assistant.io/docs/)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "2026.2.2",

library/compose/influxdb/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Influxdb",
-    "description": "Open-source time series database designed for high-performance storage and retrieval of time-stamped data. Commonly used for monitoring, analytics, and IoT applications.\n## References\n- [InfluxDB](https://www.influxdata.com/)\n- [Documentation](https://docs.influxdata.com/influxdb/)\n- [GitHub](https://github.com/influxdata/influxdb)",
+    "description": "Open-source time series database designed for high-performance storage and retrieval of time-stamped data. Commonly used for monitoring, analytics, and IoT applications.",
+    "guide": "## Overview\nOpen-source time series database designed for high-performance storage and retrieval of time-stamped data. Commonly used for monitoring, analytics, and IoT applications.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### Ports\n- `ports_http`: Host port for HTTP API (8086); optional; default: 8086.\n\n### Influxdb\n- `influxdb_init_username`: Initial admin username; required; default: admin.\n- `influxdb_init_password`: Initial admin password; required.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: influxdb.\n- `traefik_network`: Traefik Network; required; default: traefik.\n- `traefik_domain`: Traefik Domain; required; default: home.arpa.\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n\n### Traefik TLS\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; required; default: cloudflare.\n- `traefik_tls_enabled`: Enable Traefik TLS; optional; default: false.\n\n### General\n- `service_name`: Service Name; optional; default: influxdb.\n- `container_timezone`: Container Timezone; optional.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `influxdb_version`: Influxdb version; optional; default: latest.\n\n## References\n- [InfluxDB](https://www.influxdata.com/)\n- [Documentation](https://docs.influxdata.com/influxdb/)\n- [GitHub](https://github.com/influxdata/influxdb)",
     "tags": [
       "traefik"
     ],

library/compose/loki/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Loki",
-    "description": "Horizontally scalable, multi-tenant log aggregation system by Grafana, inspired by Prometheus. Indexes metadata rather than log content for efficient storage.\n## References\n- [Loki](https://grafana.com/oss/loki/)\n- [Documentation](https://grafana.com/docs/loki/latest/)\n- [GitHub](https://github.com/grafana/loki)",
+    "description": "Horizontally scalable, multi-tenant log aggregation system by Grafana, inspired by Prometheus. Indexes metadata rather than log content for efficient storage.",
+    "guide": "## Overview\nHorizontally scalable, multi-tenant log aggregation system by Grafana, inspired by Prometheus. Indexes metadata rather than log content for efficient storage.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: loki.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `data_retention_days`: Number of days to retain logs; optional; default: 7.\n\n### Ports\n- `ports_http`: Ports Http; optional; default: 3100.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: loki.\n- `traefik_network`: Traefik Network; required; default: traefik.\n- `traefik_domain`: Traefik Domain; required; default: home.arpa.\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n\n### Traefik TLS\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; required; default: cloudflare.\n- `traefik_tls_enabled`: Enable Traefik TLS; optional; default: false.\n\n## References\n- [Loki](https://grafana.com/oss/loki/)\n- [Documentation](https://grafana.com/docs/loki/latest/)\n- [GitHub](https://github.com/grafana/loki)",
     "tags": [
       "traefik",
       "authentik"

library/compose/mariadb/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "MariaDB",
-    "description": "Community-developed, open-source relational database management system and drop-in replacement for MySQL.\n## References\n- [MariaDB](https://mariadb.org/)\n- [Documentation](https://mariadb.com/kb/en/documentation/)\n- [GitHub](https://github.com/MariaDB/server)",
+    "description": "Community-developed, open-source relational database management system and drop-in replacement for MySQL.",
+    "guide": "## Overview\nCommunity-developed, open-source relational database management system and drop-in replacement for MySQL.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: mariadb.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n\n### Ports\n- `ports_mariadb`: Host port for MariaDB; required; default: 3306.\n\n### Database\n- `database_name`: Database Name; required.\n- `database_user`: Database User; required.\n- `database_password`: Database Password; required.\n\n## References\n- [MariaDB](https://mariadb.org/)\n- [Documentation](https://mariadb.com/kb/en/documentation/)\n- [GitHub](https://github.com/MariaDB/server)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "12.2.2",

library/compose/nginx/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Nginx",
-    "description": "High-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.\n## References\n- [Nginx](https://nginx.org/)\n- [Documentation](https://nginx.org/en/docs/)\n- [GitHub](https://github.com/nginx/nginx)",
+    "description": "High-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.",
+    "guide": "## Overview\nHigh-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: nginx.\n- `restart_policy`: Restart Policy; optional; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `container_name`: Container Name; optional; default: nginx.\n- `container_timezone`: Container Timezone; optional; default: UTC.\n- `traefik_tls_entrypoint`: Traefik Tls Entrypoint; optional.\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; optional.\n\n### Ports\n- `ports_http`: HTTP port for nginx service; optional; default: 8080.\n- `ports_https`: HTTPS port for nginx service; optional; default: 8443.\n\n### Traefik\n- `traefik_enabled`: Traefik Enabled; optional; default: false.\n- `traefik_network`: Traefik Network; optional; default: traefik.\n- `traefik_host`: Traefik Host; optional; default: nginx.\n- `traefik_domain`: Traefik Domain; optional; default: home.arpa.\n- `traefik_entrypoint`: Traefik Entrypoint; optional; default: web.\n\n### Network\n- `network_mode`: Network Mode; optional; default: bridge; options: bridge, host, macvlan.\n- `network_name`: Network Name; optional; default: bridge.\n\n## References\n- [Nginx](https://nginx.org/)\n- [Documentation](https://nginx.org/en/docs/)\n- [GitHub](https://github.com/nginx/nginx)",
     "tags": [
       "traefik"
     ],

library/compose/passbolt/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Passbolt",
-    "description": "Open-source password manager designed for teams and businesses. Provides secure storage, sharing, and collaborative management of passwords and sensitive information.\n## References\n- [Passbolt](https://www.passbolt.com/)\n- [Documentation](https://help.passbolt.com/)\n- [GitHub](https://github.com/passbolt/passbolt)",
+    "description": "Open-source password manager designed for teams and businesses. Provides secure storage, sharing, and collaborative management of passwords and sensitive information.",
+    "guide": "## Overview\nOpen-source password manager designed for teams and businesses. Provides secure storage, sharing, and collaborative management of passwords and sensitive information.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: passbolt.\n- `container_timezone`: Container Timezone; optional.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: passbolt.\n\n### Database\n- `database_name`: Database Name; optional; default: passbolt.\n- `database_user`: Database User; optional; default: passbolt.\n\n## References\n- [Passbolt](https://www.passbolt.com/)\n- [Documentation](https://help.passbolt.com/)\n- [GitHub](https://github.com/passbolt/passbolt)",
     "tags": [
       "traefik",
       "database"

library/compose/prometheus/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Prometheus",
-    "description": "Open-source systems monitoring and alerting toolkit. Collects and stores metrics as time series data, with a powerful query language (PromQL) and integration with visualization tools like Grafana.\n## References\n- [Prometheus](https://prometheus.io/)\n- [Documentation](https://prometheus.io/docs/)\n- [GitHub](https://github.com/prometheus/prometheus)",
+    "description": "Open-source systems monitoring and alerting toolkit. Collects and stores metrics as time series data, with a powerful query language (PromQL) and integration with visualization tools like Grafana.",
+    "guide": "## Overview\nOpen-source systems monitoring and alerting toolkit. Collects and stores metrics as time series data, with a powerful query language (PromQL) and integration with visualization tools like Grafana.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: prometheus.\n- `restart_policy`: Restart Policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n\n### Metrics & Storage\n- `metrics_retention_time`: How long to retain samples (e.g., 15d, 30d, 1y); optional; default: 15d.\n- `metrics_retention_size`: Maximum storage size (e.g., 5GB, 10GB, 1TB); optional; default: 0.\n- `metrics_enable_remote_write`: Enable remote write receiver (allows pushing metrics via /api/v1/write); optional; default: false.\n\n### Ports\n- `ports_http`: Ports Http; optional; default: 9090.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: prometheus.\n- `traefik_network`: Traefik Network; required; default: traefik.\n- `traefik_domain`: Traefik Domain; required; default: home.arpa.\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n\n### Traefik TLS\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; required; default: cloudflare.\n- `traefik_tls_enabled`: Enable Traefik TLS; optional; default: false.\n\n## References\n- [Prometheus](https://prometheus.io/)\n- [Documentation](https://prometheus.io/docs/)\n- [GitHub](https://github.com/prometheus/prometheus)",
     "tags": [
       "traefik",
       "authentik"

library/compose/uptimekuma/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Uptimekuma",
-    "description": "Self-hosted uptime monitoring tool with support for HTTP(s), TCP, ping, DNS, and more. Provides a clean dashboard and customizable notifications.\n## References\n- [Uptime Kuma](https://uptime.kuma.pet/)\n- [GitHub](https://github.com/louislam/uptime-kuma)",
+    "description": "Self-hosted uptime monitoring tool with support for HTTP(s), TCP, ping, DNS, and more. Provides a clean dashboard and customizable notifications.",
+    "guide": "## Overview\nSelf-hosted uptime monitoring tool with support for HTTP(s), TCP, ping, DNS, and more. Provides a clean dashboard and customizable notifications.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: uptimekuma.\n- `container_name`: Container Name; optional; default: uptimekuma.\n- `volumes_version`: Volumes version; optional; default: latest.\n\n## References\n- [Uptime Kuma](https://uptime.kuma.pet/)\n- [GitHub](https://github.com/louislam/uptime-kuma)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "1.23.17",

library/compose/whoami/template.json

@@ -4,7 +4,8 @@
   "kind": "compose",
   "metadata": {
     "name": "Whoami",
-    "description": "Simple HTTP service that echoes back request information. Useful for testing reverse proxy configurations, load balancers, and network setups.\n## References\n- [GitHub](https://github.com/traefik/whoami)",
+    "description": "Simple HTTP service that echoes back request information. Useful for testing reverse proxy configurations, load balancers, and network setups.",
+    "guide": "## Overview\nSimple HTTP service that echoes back request information. Useful for testing reverse proxy configurations, load balancers, and network setups.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on service names, ports, volumes, credentials, and optional integrations before rendering the stack.\n2. Fill in the required variables first, then enable optional sections such as Traefik, metrics, or extra services only when needed.\n3. Render the Compose project, review the generated files, and start it with Docker Compose in the target directory.\n\n## Variable Guide\n### General\n- `restart_policy`: Container restart policy; required; default: unless-stopped; options: unless-stopped, always, on-failure, no.\n- `container_hostname`: Container hostname (optional); optional; default: whoami.\n\n### Traefik\n- `traefik_host`: Traefik Host; optional; default: whoami.\n- `traefik_network`: Traefik network name; required; default: traefik.\n- `traefik_domain`: Base domain (e.g., example.com); required; default: home.arpa.\n\n### Traefik Tls\n- `traefik_tls_enabled`: Enable HTTPS/TLS; optional; default: true.\n- `traefik_tls_certresolver`: Traefik certificate resolver name; required; default: cloudflare.\n\n## References\n- [GitHub](https://github.com/traefik/whoami)",
     "tags": [
       "traefik",
       "testing",

library/helm/certmanager/template.json

@@ -4,7 +4,8 @@
   "kind": "helm",
   "metadata": {
     "name": "Cert-Manager",
-    "description": "Helm chart for cert-manager, a Kubernetes add-on that automates TLS certificate management and issuance from sources like Let's Encrypt.\n## References\n- [cert-manager](https://cert-manager.io/)\n- [Documentation](https://cert-manager.io/docs/)\n- [Helm Chart](https://charts.jetstack.io)",
+    "description": "Helm chart for cert-manager, a Kubernetes add-on that automates TLS certificate management and issuance from sources like Let's Encrypt.",
+    "guide": "## Overview\nHelm chart for cert-manager, a Kubernetes add-on that automates TLS certificate management and issuance from sources like Let's Encrypt.\n\n## How to Use\nThis template renders `values.yaml` as a file.\n\n1. Choose the release name, namespace, and chart-specific feature flags before rendering the values file.\n2. Fill in required connectivity, credential, and storage settings first, then enable optional integrations only when your cluster needs them.\n3. Render the values file and use it with helm install or helm upgrade for the target cluster.\n\n## Variable Guide\n### General\n- `release_name`: Helm release name; optional; default: cert-manager.\n- `namespace`: Kubernetes namespace; optional; default: cert-manager.\n\n### Networking Configuration\n- `network_mode`: Network mode for service; optional; default: ClusterIP.\n\n### Database Configuration\n- `database_enabled`: Enable database; optional; default: false.\n- `database_type`: Database type; optional; default: postgres; options: postgres, mysql.\n- `database_host`: Database host; optional.\n- `database_port`: Database port; optional; default: 5432.\n- `database_name`: Database name; optional.\n- `database_user`: Database user; optional.\n- `database_password`: Database password; optional.\n\n### DNS Configuration\n- `dns_nameserver_1`: Primary DNS nameserver for DNS01 challenges; optional; default: 1.1.1.1:53.\n- `dns_nameserver_2`: Secondary DNS nameserver for DNS01 challenges; optional; default: 1.0.0.1:53.\n- `dns_recursive_nameservers_only`: Use only recursive nameservers for DNS01 challenges; optional; default: true.\n- `namespace`: Namespace; optional; default: cert-manager.\n- `release_name`: Release Name; optional; default: cert-manager.\n\n## References\n- [cert-manager](https://cert-manager.io/)\n- [Documentation](https://cert-manager.io/docs/)\n- [Helm Chart](https://charts.jetstack.io)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "1.18.2",

library/helm/longhorn/template.json

@@ -4,7 +4,8 @@
   "kind": "helm",
   "metadata": {
     "name": "Longhorn",
-    "description": "Helm chart for Longhorn, a distributed block storage system for Kubernetes with built-in backup, snapshots, and disaster recovery.\n## References\n- [Longhorn](https://longhorn.io/)\n- [Documentation](https://longhorn.io/docs/)\n- [Helm Chart](https://charts.longhorn.io)",
+    "description": "Helm chart for Longhorn, a distributed block storage system for Kubernetes with built-in backup, snapshots, and disaster recovery.",
+    "guide": "## Overview\nHelm chart for Longhorn, a distributed block storage system for Kubernetes with built-in backup, snapshots, and disaster recovery.\n\n## How to Use\nThis template renders `values.yaml` as a file.\n\n1. Choose the release name, namespace, and chart-specific feature flags before rendering the values file.\n2. Fill in required connectivity, credential, and storage settings first, then enable optional integrations only when your cluster needs them.\n3. Render the values file and use it with helm install or helm upgrade for the target cluster.\n\n## Variable Guide\n### General\n- `release_name`: Helm release name; optional; default: longhorn.\n- `namespace`: Kubernetes namespace; optional; default: longhorn-system.\n\n### Networking Configuration\n- `network_mode`: Network mode for service; optional; default: ClusterIP.\n\n### Database Configuration\n- `database_enabled`: Enable database; optional; default: false.\n- `database_type`: Database type; optional; default: postgres; options: postgres, mysql.\n- `database_host`: Database host; optional.\n- `database_port`: Database port; optional; default: 5432.\n- `database_name`: Database name; optional.\n- `database_user`: Database user; optional.\n- `database_password`: Database password; optional.\n\n### Backup Configuration\n- `backup_enabled`: Enable backup target configuration; optional; default: false.\n- `backup_target`: Backup target URL (e.g., s3://bucket or nfs://server/path); optional.\n- `namespace`: Namespace; optional; default: longhorn-system.\n- `release_name`: Release Name; optional; default: longhorn.\n\n### Longhorn UI\n- `ui_replicas`: Number of Longhorn UI replicas; optional; default: 1.\n\n## References\n- [Longhorn](https://longhorn.io/)\n- [Documentation](https://longhorn.io/docs/)\n- [Helm Chart](https://charts.longhorn.io)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "1.9.1",

library/helm/portainer/template.json

@@ -4,7 +4,8 @@
   "kind": "helm",
   "metadata": {
     "name": "Portainer CE",
-    "description": "Helm chart for Portainer Community Edition, a web-based container management platform for Docker and Kubernetes environments.\n## References\n- [Portainer](https://www.portainer.io/)\n- [Documentation](https://docs.portainer.io/)\n- [Helm Chart](https://portainer.github.io/k8s/)",
+    "description": "Helm chart for Portainer Community Edition, a web-based container management platform for Docker and Kubernetes environments.",
+    "guide": "## Overview\nHelm chart for Portainer Community Edition, a web-based container management platform for Docker and Kubernetes environments.\n\n## How to Use\nThis template renders `values.yaml` as a file.\n\n1. Choose the release name, namespace, and chart-specific feature flags before rendering the values file.\n2. Fill in required connectivity, credential, and storage settings first, then enable optional integrations only when your cluster needs them.\n3. Render the values file and use it with helm install or helm upgrade for the target cluster.\n\n## Variable Guide\n### General\n- `release_name`: Helm release name; optional; default: portainer.\n- `namespace`: Kubernetes namespace; optional; default: portainer.\n\n### Networking\n- `network_mode`: Network mode for service; optional; default: ClusterIP.\n\n### Database Configuration\n- `database_enabled`: Enable database; optional; default: false.\n- `database_type`: Database type; optional; default: postgres; options: postgres, mysql.\n- `database_host`: Database host; optional.\n- `database_port`: Database port; optional; default: 5432.\n- `database_name`: Database name; optional.\n- `database_user`: Database user; optional.\n- `database_password`: Database password; optional.\n\n### Traefik Configuration\n- `traefik_enabled`: Enable Traefik ingress; optional; default: false.\n- `traefik_host`: Traefik hostname; optional; default: portainer.home.arpa.\n- `traefik_tls_enabled`: Enable TLS for Traefik ingress; optional; default: false.\n- `traefik_tls_secret`: TLS secret name for Traefik ingress; optional; default: portainer-tls.\n\n### Volume Configuration\n- `volumes_mode`: Volume storage mode; optional; default: pvc; options: pvc, hostPath.\n- `volumes_pvc_name`: PVC name for volumes; optional; default: portainer.\n\n## References\n- [Portainer](https://www.portainer.io/)\n- [Documentation](https://docs.portainer.io/)\n- [Helm Chart](https://portainer.github.io/k8s/)",
     "author": "Christian Lempa",
     "template_version": "2.34.0",
     "icon": {

library/kubernetes/core-configmap/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes ConfigMap",
-    "description": "Kubernetes ConfigMap for storing non-sensitive configuration data as key-value pairs. Decouples configuration from container images.\n## References\n- [ConfigMap Documentation](https://kubernetes.io/docs/concepts/configuration/configmap/)",
+    "description": "Kubernetes ConfigMap for storing non-sensitive configuration data as key-value pairs. Decouples configuration from container images.",
+    "guide": "## Overview\nKubernetes ConfigMap for storing non-sensitive configuration data as key-value pairs. Decouples configuration from container images.\n\n## How to Use\nThis template renders `configmap.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-config.\n- `namespace`: Namespace; optional; default: default.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [ConfigMap Documentation](https://kubernetes.io/docs/concepts/configuration/configmap/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-ingress/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes Ingress",
-    "description": "Kubernetes Ingress resource for HTTP/HTTPS routing to backend services.\n## References\n- [Ingress Documentation](https://kubernetes.io/docs/concepts/services-networking/ingress/)\n## Pre-Requisites\n- An Ingress controller (e.g. Traefik, nginx-ingress) installed in the cluster",
+    "description": "Kubernetes Ingress resource for HTTP/HTTPS routing to backend services.",
+    "guide": "## Overview\nKubernetes Ingress resource for HTTP/HTTPS routing to backend services.\n\n## How to Use\nThis template renders `ingress.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-ingress.\n- `namespace`: Namespace; optional; default: default.\n- `ingress_class`: Ingress class name; optional; default: nginx.\n- `ingress_host`: Hostname for the ingress; optional.\n- `service_name`: Backend service name; optional.\n- `service_port`: Backend service port; optional; default: 80.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [Ingress Documentation](https://kubernetes.io/docs/concepts/services-networking/ingress/)\n## Pre-Requisites\n- An Ingress controller (e.g. Traefik, nginx-ingress) installed in the cluster",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-ingressclass/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes IngressClass",
-    "description": "Kubernetes IngressClass for specifying which Ingress controller handles Ingress resources. Cluster-scoped resource.\n## References\n- [IngressClass Documentation](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)",
+    "description": "Kubernetes IngressClass for specifying which Ingress controller handles Ingress resources. Cluster-scoped resource.",
+    "guide": "## Overview\nKubernetes IngressClass for specifying which Ingress controller handles Ingress resources. Cluster-scoped resource.\n\n## How to Use\nThis template renders `ingressclass.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: nginx.\n- `controller`: Ingress controller identifier (e.g., k8s.io/ingress-nginx); optional; default: k8s.io/ingress-nginx.\n- `is_default`: Set as default IngressClass; optional; default: false.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [IngressClass Documentation](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-persistentvolume/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes PersistentVolume",
-    "description": "Kubernetes PersistentVolume for provisioning cluster-wide storage resources. Cluster-scoped, typically created by administrators.\n## References\n- [PersistentVolume Documentation](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)",
+    "description": "Kubernetes PersistentVolume for provisioning cluster-wide storage resources. Cluster-scoped, typically created by administrators.",
+    "guide": "## Overview\nKubernetes PersistentVolume for provisioning cluster-wide storage resources. Cluster-scoped, typically created by administrators.\n\n## How to Use\nThis template renders `pv.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: pv-nfs.\n- `storage_class`: Storage class name; optional.\n- `storage_size`: Storage capacity (e.g., 10Gi, 1Ti); optional; default: 10Gi.\n- `access_mode`: Access mode; optional; default: ReadWriteMany; options: ReadWriteOnce, ReadOnlyMany, ReadWriteMany, ReadWriteOncePod.\n- `reclaim_policy`: Reclaim policy; optional; default: Retain; options: Retain, Recycle, Delete.\n- `host_path`: Host path for local storage (e.g., /mnt/data); optional; default: /mnt/data.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [PersistentVolume Documentation](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-persistentvolumeclaim/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes PersistentVolumeClaim",
-    "description": "Kubernetes PersistentVolumeClaim for requesting persistent storage. Used by Pods to claim durable storage from available PersistentVolumes.\n## References\n- [PersistentVolumeClaim Documentation](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)",
+    "description": "Kubernetes PersistentVolumeClaim for requesting persistent storage. Used by Pods to claim durable storage from available PersistentVolumes.",
+    "guide": "## Overview\nKubernetes PersistentVolumeClaim for requesting persistent storage. Used by Pods to claim durable storage from available PersistentVolumes.\n\n## How to Use\nThis template renders `pvc.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-pvc.\n- `namespace`: Namespace; optional; default: default.\n- `storage_class`: Storage class name (leave empty for default); optional.\n- `storage_size`: Storage size (e.g., 10Gi, 1Ti); optional; default: 10Gi.\n- `access_mode`: Access mode; optional; default: ReadWriteOnce; options: ReadWriteOnce, ReadOnlyMany, ReadWriteMany, ReadWriteOncePod.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [PersistentVolumeClaim Documentation](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-secret/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes Secret (Opaque)",
-    "description": "Kubernetes Secret (Opaque type) for storing sensitive data like API tokens, passwords, or keys.\n## References\n- [Secret Documentation](https://kubernetes.io/docs/concepts/configuration/secret/)",
+    "description": "Kubernetes Secret (Opaque type) for storing sensitive data like API tokens, passwords, or keys.",
+    "guide": "## Overview\nKubernetes Secret (Opaque type) for storing sensitive data like API tokens, passwords, or keys.\n\n## How to Use\nThis template renders `manifest.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: api-token-secret.\n- `namespace`: Namespace; optional; default: default.\n- `secret_type`: Secret type; optional; default: Opaque.\n- `api_token`: API token value (plain text, Kubernetes will encode it); optional.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [Secret Documentation](https://kubernetes.io/docs/concepts/configuration/secret/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-service/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes Service",
-    "description": "Kubernetes Service for exposing applications running on a set of Pods. Provides stable network endpoints and load balancing.\n## References\n- [Service Documentation](https://kubernetes.io/docs/concepts/services-networking/service/)",
+    "description": "Kubernetes Service for exposing applications running on a set of Pods. Provides stable network endpoints and load balancing.",
+    "guide": "## Overview\nKubernetes Service for exposing applications running on a set of Pods. Provides stable network endpoints and load balancing.\n\n## How to Use\nThis template renders `service.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-service.\n- `namespace`: Namespace; optional; default: default.\n- `service_type`: Service type; optional; default: ClusterIP; options: ClusterIP, NodePort, LoadBalancer, ExternalName.\n- `service_port`: Service port; optional; default: 80.\n- `target_port`: Target port on pods; optional; default: 8080.\n- `protocol`: Protocol; optional; default: TCP; options: TCP, UDP, SCTP.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n- `app_selector`: App label selector (e.g., app.kubernetes.io/name value); optional.\n\n## References\n- [Service Documentation](https://kubernetes.io/docs/concepts/services-networking/service/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-serviceaccount/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes ServiceAccount",
-    "description": "Kubernetes ServiceAccount for providing an identity to processes running in Pods. Controls access permissions to the Kubernetes API.\n## References\n- [ServiceAccount Documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)",
+    "description": "Kubernetes ServiceAccount for providing an identity to processes running in Pods. Controls access permissions to the Kubernetes API.",
+    "guide": "## Overview\nKubernetes ServiceAccount for providing an identity to processes running in Pods. Controls access permissions to the Kubernetes API.\n\n## How to Use\nThis template renders `serviceaccount.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-serviceaccount.\n- `namespace`: Namespace; optional; default: default.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [ServiceAccount Documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/core-storageclass/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Kubernetes StorageClass",
-    "description": "Kubernetes StorageClass for defining storage types that can be dynamically provisioned.\n## References\n- [StorageClass Documentation](https://kubernetes.io/docs/concepts/storage/storage-classes/)",
+    "description": "Kubernetes StorageClass for defining storage types that can be dynamically provisioned.",
+    "guide": "## Overview\nKubernetes StorageClass for defining storage types that can be dynamically provisioned.\n\n## How to Use\nThis template renders `storageclass.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: standard.\n- `provisioner`: Storage provisioner (e.g., kubernetes.io/no-provisioner, longhorn); optional; default: kubernetes.io/no-provisioner.\n- `volume_binding_mode`: Volume binding mode; optional; default: WaitForFirstConsumer; options: Immediate, WaitForFirstConsumer.\n- `reclaim_policy`: Reclaim policy for volumes; optional; default: Delete; options: Retain, Delete.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [StorageClass Documentation](https://kubernetes.io/docs/concepts/storage/storage-classes/)",
     "author": "Christian Lempa",
     "template_version": "1.31.0",
     "icon": {

library/kubernetes/traefik-ingressroutetcp/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Traefik IngressRouteTCP",
-    "description": "Traefik IngressRouteTCP CRD for TCP routing of non-HTTP protocols like databases, SSH, or any TCP-based service.\n## References\n- [IngressRouteTCP Documentation](https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroutetcp)\n- [Traefik](https://traefik.io)\n## Pre-Requisites\n- Traefik installed as the Ingress controller",
+    "description": "Traefik IngressRouteTCP CRD for TCP routing of non-HTTP protocols like databases, SSH, or any TCP-based service.",
+    "guide": "## Overview\nTraefik IngressRouteTCP CRD for TCP routing of non-HTTP protocols like databases, SSH, or any TCP-based service.\n\n## How to Use\nThis template renders `ingressroutetcp.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-tcp-route.\n- `namespace`: Namespace; optional; default: default.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Configuration\n- `traefik_enabled`: Enable Traefik integration; optional; default: true.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_entrypoint`: Traefik entrypoint for TCP routing; optional; default: tcp.\n- `traefik_service_name`: Backend service name for TCP routing; optional.\n- `traefik_service_port`: Backend service port for TCP routing; optional; default: 5432.\n- `traefik_tls_enabled`: Enable TLS; optional; default: false.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [IngressRouteTCP Documentation](https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroutetcp)\n- [Traefik](https://traefik.io)\n## Pre-Requisites\n- Traefik installed as the Ingress controller",
     "author": "Christian Lempa",
     "template_version": "3.5.3",
     "icon": {

library/kubernetes/traefik-middleware/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Traefik Middleware",
-    "description": "Traefik Middleware CRD for modifying HTTP requests and responses. Supports headers, redirects, rate-limiting, authentication, and more.\n## References\n- [Middleware Documentation](https://doc.traefik.io/traefik/middlewares/overview/)\n- [Traefik](https://traefik.io)\n## Pre-Requisites\n- Traefik installed as the Ingress controller",
+    "description": "Traefik Middleware CRD for modifying HTTP requests and responses. Supports headers, redirects, rate-limiting, authentication, and more.",
+    "guide": "## Overview\nTraefik Middleware CRD for modifying HTTP requests and responses. Supports headers, redirects, rate-limiting, authentication, and more.\n\n## How to Use\nThis template renders `middleware.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: app-middleware.\n- `namespace`: Namespace; optional; default: default.\n- `middleware_type`: Middleware type; optional; default: redirectScheme; options: redirectScheme, stripPrefix, addPrefix, headers, rateLimit.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [Middleware Documentation](https://doc.traefik.io/traefik/middlewares/overview/)\n- [Traefik](https://traefik.io)\n## Pre-Requisites\n- Traefik installed as the Ingress controller",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "3.5.3",

library/kubernetes/twingate-connector/template.json

@@ -4,7 +4,8 @@
   "kind": "kubernetes",
   "metadata": {
     "name": "Twingate Connector",
-    "description": "Twingate Connector for secure zero-trust network access, deployed via the Twingate Kubernetes Operator.\n## References\n- [Twingate](https://www.twingate.com)\n- [Kubernetes Operator Documentation](https://docs.twingate.com/docs/connector-kubernetes-operator)\n## Pre-Requisites\n- Twingate Kubernetes Operator installed in the cluster\n- A Twingate account with configured connector tokens",
+    "description": "Twingate Connector for secure zero-trust network access, deployed via the Twingate Kubernetes Operator.",
+    "guide": "## Overview\nTwingate Connector for secure zero-trust network access, deployed via the Twingate Kubernetes Operator.\n\n## How to Use\nThis template renders `connector.yaml` as a file.\n\n1. Start with the resource name, namespace, and any required networking or storage settings.\n2. Fill in required fields first, then enable optional sections such as TLS, annotations, or extra selectors only when they match your cluster setup.\n3. Render the manifest and apply it to the target cluster after confirming the generated resource matches your platform conventions.\n\n## Variable Guide\n### General\n- `resource_name`: Resource Name; optional; default: twingate-connector.\n- `namespace`: Namespace; optional; default: default.\n- `image_tag`: Twingate connector image tag; optional; default: 1.74.0.\n- `connector_name`: Twingate connector name; optional.\n- `status_notifications`: Enable status notifications; optional; default: true.\n\n### Resource Limits\n- `resources_enabled`: Enable resource limits and requests; optional; default: false.\n- `resources_cpu_limit`: CPU limit; optional; default: 100m.\n- `resources_cpu_request`: CPU request; optional; default: 50m.\n- `resources_memory_limit`: Memory limit; optional; default: 128Mi.\n- `resources_memory_request`: Memory request; optional; default: 64Mi.\n\n### Traefik Integration\n- `traefik_enabled`: Enable Traefik integration; optional; default: false.\n- `traefik_host`: Traefik host; optional.\n- `traefik_domain`: Traefik domain; optional.\n- `traefik_tls_enabled`: Enable TLS; optional; default: true.\n- `traefik_tls_certresolver`: TLS certificate resolver; optional; default: letsencrypt-prod.\n\n## References\n- [Twingate](https://www.twingate.com)\n- [Kubernetes Operator Documentation](https://docs.twingate.com/docs/connector-kubernetes-operator)\n## Pre-Requisites\n- Twingate Kubernetes Operator installed in the cluster\n- A Twingate account with configured connector tokens",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "1.74.0",

library/swarm/nginx/template.json

@@ -4,7 +4,8 @@
   "kind": "swarm",
   "metadata": {
     "name": "Nginx",
-    "description": "High-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.\n## References\n- [Nginx](https://nginx.org/)\n- [Documentation](https://nginx.org/en/docs/)\n- [GitHub](https://github.com/nginx/nginx)",
+    "description": "High-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.",
+    "guide": "## Overview\nHigh-performance web server, reverse proxy, and load balancer known for stability, low resource consumption, and simple configuration.\n\n## How to Use\nThis template renders `compose.yaml` as a file.\n\n1. Decide on stack naming, networking, ports, and persistent storage before rendering the stack.\n2. Fill in required service settings first, then enable optional integrations such as Traefik, databases, or metrics only when needed.\n3. Render the stack files, review placement and secret handling, and deploy them with Docker Swarm in the target environment.\n\n## Variable Guide\n### General\n- `service_name`: Service Name; optional; default: nginx.\n- `container_timezone`: Container Timezone; optional; default: UTC.\n- `traefik_tls_entrypoint`: Traefik Tls Entrypoint; optional.\n- `traefik_tls_certresolver`: Traefik Tls Certresolver; optional.\n- `swarm_replicas`: Number of replicas for Swarm mode; optional; default: 1.\n- `swarm_placement_host`: The placement host; optional.\n- `swarm_placement_mode`: The placement mode; optional; default: replicated.\n\n### Ports\n- `ports_http`: HTTP port for nginx service; optional; default: 8080.\n- `ports_https`: HTTPS port for nginx service; optional; default: 8443.\n\n### Traefik\n- `traefik_enabled`: Traefik Enabled; optional; default: false.\n- `traefik_network`: Traefik Network; optional; default: traefik.\n- `traefik_host`: Traefik Host; optional; default: nginx.\n- `traefik_domain`: Traefik Domain; optional; default: home.arpa.\n- `traefik_entrypoint`: Traefik Entrypoint; optional; default: web.\n\n### Network\n- `network_mode`: Network Mode; optional; default: bridge; options: bridge, host, macvlan.\n- `network_name`: Network Name; optional; default: bridge.\n\n## References\n- [Nginx](https://nginx.org/)\n- [Documentation](https://nginx.org/en/docs/)\n- [GitHub](https://github.com/nginx/nginx)",
     "tags": [
       "traefik"
     ],

library/terraform/dns-a-record-tsig/template.json

@@ -4,7 +4,8 @@
   "kind": "terraform",
   "metadata": {
     "name": "DNS A Record (TSIG)",
-    "description": "Creates a DNS A record using TSIG-authenticated dynamic DNS updates. Maps a hostname to an IP address on a TSIG-enabled DNS server.\n## References\n- [Terraform DNS Provider](https://registry.terraform.io/providers/hashicorp/dns/latest/docs)\n- [RFC 2845 - TSIG](https://datatracker.ietf.org/doc/html/rfc2845)",
+    "description": "Creates a DNS A record using TSIG-authenticated dynamic DNS updates. Maps a hostname to an IP address on a TSIG-enabled DNS server.",
+    "guide": "## Overview\nCreates a DNS A record using TSIG-authenticated dynamic DNS updates. Maps a hostname to an IP address on a TSIG-enabled DNS server.\n\n## How to Use\nThis template renders `main.tf` as a file.\n\n1. Start with the provider, resource identifiers, and required input values for the infrastructure you want to manage.\n2. Fill in required fields first, then enable optional lifecycle, dependency, or metadata sections only when they fit your workflow.\n3. Render the Terraform files and run terraform fmt, terraform plan, and terraform apply in the target workspace.\n\n## Variable Guide\n### Provider Configuration\n- `provider_server`: DNS server address; required.\n- `provider_tsig_key_secret`: TSIG key secret; required.\n\n### DNS A Record Configuration\n- `dns_hostname`: Hostname for the A record; required.\n- `dns_zone`: DNS zone for the A record; required.\n- `ip_address`: IP address to map to the hostname; required.\n- `dns_ttl`: Time to live (TTL) for the DNS record in seconds (default: 3600); optional.\n\n## References\n- [Terraform DNS Provider](https://registry.terraform.io/providers/hashicorp/dns/latest/docs)\n- [RFC 2845 - TSIG](https://datatracker.ietf.org/doc/html/rfc2845)",
     "tags": [],
     "author": "Christian Lempa",
     "template_version": "3.4.3",