diff --git a/docs/roles/aws/aws_acl.md b/docs/roles/aws/aws_acl.md
index 18ee0bdaa..80e642420 100644
--- a/docs/roles/aws/aws_acl.md
+++ b/docs/roles/aws/aws_acl.md
@@ -14,6 +14,7 @@ aws_acl:
 scope: CLOUDFRONT # Can be REGIONAL for ALBs
 region: "us-east-1"
 tags: "{{ _aws_tags }}"
+ recreate: true # set to false to avoid creating the ACL
 rules:
 rate_limit:
 value: 600 # set to 0 to skip rate limit rule, set to a value to set how many requests to allow in period before blocking
@@ -21,12 +22,12 @@ aws_acl:
 ip_sets:
 - rule_name: "Allowed-IPs-rule"
 set_name: "Allowed-IPs-set"
- description: "List of IPs from our VPNs - Ansible managed"
+ description: "List of IPs to whitelist - Ansible managed"
 action: allow
 priority: 1
 list:
- - 3.11.82.252/32 # main VPN
- - 159.100.242.248/32 # backup VPN, bastion2
+ - 1.1.1.1/32
+ - 2.2.2.2/32
 country_codes:
 - name: "allowed-countries"
 action: allow
diff --git a/docs/roles/debian/nodejs.md b/docs/roles/debian/nodejs.md
index 0e4624ee1..c121efb58 100644
--- a/docs/roles/debian/nodejs.md
+++ b/docs/roles/debian/nodejs.md
@@ -8,7 +8,7 @@ Installs NodeJS from official repos.
 ---
 nodejs:
 # Used by apt_unattended_upgrades
- apt_origin_nodejs: "origin=Node Source,codename=nodistro,label=Node Source" # nodejs repo
+ apt_origin_nodejs: "origin=. nodistro,codename=nodistro,label=. nodistro" # nodejs repo
 apt_signed_by_nodejs: https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key
 apt_origin_yarn: "origin=yarn,codename=stable,label=yarn-stable" # yarn repo
 apt_signed_by_yarn: https://dl.yarnpkg.com/debian/pubkey.gpg
diff --git a/roles/aws/aws_acl/README.md b/roles/aws/aws_acl/README.md
index 18ee0bdaa..80e642420 100644
--- a/roles/aws/aws_acl/README.md
+++ b/roles/aws/aws_acl/README.md
@@ -14,6 +14,7 @@ aws_acl:
 scope: CLOUDFRONT # Can be REGIONAL for ALBs
 region: "us-east-1"
 tags: "{{ _aws_tags }}"
+ recreate: true # set to false to avoid creating the ACL
 rules:
 rate_limit:
 value: 600 # set to 0 to skip rate limit rule, set to a value to set how many requests to allow in period before blocking
@@ -21,12 +22,12 @@ aws_acl:
 ip_sets:
 - rule_name: "Allowed-IPs-rule"
 set_name: "Allowed-IPs-set"
- description: "List of IPs from our VPNs - Ansible managed"
+ description: "List of IPs to whitelist - Ansible managed"
 action: allow
 priority: 1
 list:
- - 3.11.82.252/32 # main VPN
- - 159.100.242.248/32 # backup VPN, bastion2
+ - 1.1.1.1/32
+ - 2.2.2.2/32
 country_codes:
 - name: "allowed-countries"
 action: allow
diff --git a/roles/aws/aws_acl/defaults/main.yml b/roles/aws/aws_acl/defaults/main.yml
index 73bf1ad91..0aaddb520 100644
--- a/roles/aws/aws_acl/defaults/main.yml
+++ b/roles/aws/aws_acl/defaults/main.yml
@@ -5,6 +5,7 @@ aws_acl:
 scope: CLOUDFRONT # Can be REGIONAL for ALBs
 region: "us-east-1"
 tags: "{{ _aws_tags }}"
+ recreate: true # set to false to avoid creating the ACL
 rules:
 rate_limit:
 value: 600 # set to 0 to skip rate limit rule, set to a value to set how many requests to allow in period before blocking
@@ -12,12 +13,12 @@ aws_acl:
 ip_sets:
 - rule_name: "Allowed-IPs-rule"
 set_name: "Allowed-IPs-set"
- description: "List of IPs from our VPNs - Ansible managed"
+ description: "List of IPs to whitelist - Ansible managed"
 action: allow
 priority: 1
 list:
- - 3.11.82.252/32 # main VPN
- - 159.100.242.248/32 # backup VPN, bastion2
+ - 1.1.1.1/32
+ - 2.2.2.2/32
 country_codes:
 - name: "allowed-countries"
 action: allow
diff --git a/roles/aws/aws_acl/tasks/bot_control.yml b/roles/aws/aws_acl/tasks/bot_control.yml
index 38f713387..d81296151 100644
--- a/roles/aws/aws_acl/tasks/bot_control.yml
+++ b/roles/aws/aws_acl/tasks/bot_control.yml
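Review bot: The comment on the new `recreate` key in roles/aws/aws_acl/defaults/main.yml undersells what the flag does: in tasks/main.yml it gates the whole `create_acl.yml` include, so `recreate: false` skips everything that file does for that ACL (presumably the rule definitions as well, not just the initial creation), while the name reads like a delete-and-recreate switch that the task list never performs. Operators who flip it to false to "keep" an ACL may therefore stop receiving rule updates without noticing. Say so in the comment, e.g. `recreate: true # false skips create_acl.yml for this ACL entirely; set it only when the ACL must not be touched by Ansible`. The same key and comment are duplicated in docs/roles/aws/aws_acl.md and roles/aws/aws_acl/README.md and should be kept in step.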
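Review bot: The placeholder entries `1.1.1.1/32` and `2.2.2.2/32` in the second roles/aws/aws_acl/defaults/main.yml hunk are live, third-party public addresses, and because this rule is `action: allow` at `priority: 1` an allow match ends WAF evaluation, so any deployment that keeps the default `ip_sets` lets those hosts bypass the rate-limit and country-code rules that follow. A default allow-list should be inert: either ship it empty (`list: []`, if create_acl.yml tolerates an empty IP set — worth checking) or use RFC 5737 documentation space that is never routed, e.g. `- 192.0.2.1/32 # placeholder, replace with your own ranges`. Scrubbing the real VPN addresses from the defaults is the right move; the replacements just need to be non-routable as well. The same sample values appear in docs/roles/aws/aws_acl.md and roles/aws/aws_acl/README.md.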
@@ -129,7 +129,7 @@
 - name: Set priority.
 ansible.builtin.include_tasks: set_priority_dict.yml
 vars:
- _priority: "{{ bot_control.priority }}"
+ _priority: "{{ _acl.rules.bot_control.priority }}"
 
 - name: Append priority to rule.
 ansible.builtin.set_fact:
diff --git a/roles/aws/aws_acl/tasks/main.yml b/roles/aws/aws_acl/tasks/main.yml
index d432c1d82..d0bcda7f8 100644
--- a/roles/aws/aws_acl/tasks/main.yml
+++ b/roles/aws/aws_acl/tasks/main.yml
@@ -1,11 +1,13 @@
 ---
 - name: Create ACLs when list is passed.
 ansible.builtin.include_tasks: create_acl.yml
- when: aws_acl | type_debug == 'list'
 loop: "{{ aws_acl | list }}"
 loop_control:
 loop_var: _acl
+ when:
+ - aws_acl | type_debug == 'list'
+ - _acl.recreate is not defined or _acl.recreate
 
-- name: Set ACL to CF/ALB.
+- name: Set ACL to CF/ALB if dict is passed.
 ansible.builtin.include_tasks: set_acl.yml
 when: aws_acl | type_debug == 'dict'
diff --git a/roles/debian/nodejs/README.md b/roles/debian/nodejs/README.md
index 0e4624ee1..c121efb58 100644
--- a/roles/debian/nodejs/README.md
+++ b/roles/debian/nodejs/README.md
@@ -8,7 +8,7 @@ Installs NodeJS from official repos.
 ---
 nodejs:
 # Used by apt_unattended_upgrades
- apt_origin_nodejs: "origin=Node Source,codename=nodistro,label=Node Source" # nodejs repo
+ apt_origin_nodejs: "origin=. nodistro,codename=nodistro,label=. nodistro" # nodejs repo
 apt_signed_by_nodejs: https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key
 apt_origin_yarn: "origin=yarn,codename=stable,label=yarn-stable" # yarn repo
 apt_signed_by_yarn: https://dl.yarnpkg.com/debian/pubkey.gpg
diff --git a/roles/debian/nodejs/tasks/main.yml b/roles/debian/nodejs/tasks/main.yml
index 800d519db..3128b7bb8 100644
--- a/roles/debian/nodejs/tasks/main.yml
+++ b/roles/debian/nodejs/tasks/main.yml
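Review bot: The added condition `_acl.recreate is not defined or _acl.recreate` in roles/aws/aws_acl/tasks/main.yml treats any non-empty string as true, so a value of `"false"` arriving as a quoted string (extra-vars, inventory, or a templated value) would still run create_acl.yml for that ACL. Normalising the value keeps the intent and is a one-line change: `- _acl.recreate | default(true) | bool`. Evaluating the `when` list alongside `loop` is correct here since `_acl` only exists per item, and the short-circuit on the `type_debug == 'list'` check protects the dict case. Separately, the defaults comment describes this flag as "avoid creating the ACL" while the key is named `recreate`; aligning the name with what the condition actually does (skip the create_acl.yml include) would prevent it being read as a delete-and-recreate switch.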
@@ -4,7 +4,7 @@
 name: debian/apt_repository
 vars:
 apt_repository:
- legacy_repo: "deb https://deb.nodesource.com/node_{{ nodejs.version }} {{ ansible_distribution_release }} main"
+ legacy_repo: "deb https://deb.nodesource.com/node_{{ nodejs.version }} nodistro main"
 format: deb822
 name: nodejs
 types:
diff --git a/roles/debian/php-fpm/defaults/main.yml b/roles/debian/php-fpm/defaults/main.yml
index bd11bd594..120525f84 100644
--- a/roles/debian/php-fpm/defaults/main.yml
+++ b/roles/debian/php-fpm/defaults/main.yml
@@ -13,7 +13,7 @@ php:
 # It is important to scale up processes on bigger servers, so that more
 # requests can be handled. Double the number of vCPUs is a good default.
 # Can be between 5 and 64.
- max_children: "{{ [5, [ansible_facts.processor_vcpus * 2, 64] | min] | max }}"
+ max_children: "{{ [5, [ansible_facts.ansible_processor_nproc * 2, 64] | min] | max }}"
 start_servers: 2
 min_spare_servers: 1
 max_spare_servers: 3
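Review bot: `ansible_facts.ansible_processor_nproc` in roles/debian/php-fpm/defaults/main.yml is not a valid key: entries inside the `ansible_facts` dictionary carry no `ansible_` prefix (the removed line correctly used `ansible_facts.processor_vcpus`), so this expression fails with an undefined-variable error the first time `php.max_children` is rendered. The correct spelling is `max_children: "{{ [5, [ansible_facts.processor_nproc * 2, 64] | min] | max }}"` (or the injected top-level `ansible_processor_nproc`). Since `processor_nproc` reports the CPUs the Ansible process can actually use rather than the host vCPU count, the comment above should also be updated, e.g. `# Double the number of usable CPUs (processor_nproc) is a good default.`. The enclosing `php:` mapping starts outside the hunk.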