diff --git a/CHANGELOG.md b/CHANGELOG.md
index e8a249ad..8f5e0e0c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,56 +12,67 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Added -* all: Use proper keyrings directory for APT version -* all: Add signed-by option for additional APT sources +### Changed + +### Fixed + +### Removed + +### Security + +## [22.12] 2022-12-14 + +### Added + +* all: add signed-by option for additional APT sources * all: preliminary work to support Debian 12 +* all: use proper keyrings directory for APT version * evolinux-base: replace regular kernel by cloud kernel on virtual servers -* lxc-php: set php-fpm umask to 007 -* nagios-nrpe: check_ceph_* -* nagios-nrpe: check_haproxy_stats supports DRAIN status -* packweb-apache: enable log_forensic module -* varnish: create special tmp directory for syntax validation +* lxc-php: set php-fpm umask to `007` +* nagios-nrpe: `check_ceph_*` +* nagios-nrpe: `check_haproxy_stats` supports DRAIN status +* packweb-apache: enable `log_forensic` module * rabbitmq: add link in default page +* varnish: create special tmp directory for syntax validation ### Changed * certbot: auto-detect HAPEE version in renewal hook * evocheck: install script according to Debian version -* evolinux-base: utils.yml can be excluded +* evolinux-base: `utils.yml` can be excluded * evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions) -* evolinux-user: Add sudoers privilege for check php\_fpm81 +* evolinux-user: add sudoers privilege for check `php_fpm81` * evomaintenance: allow missing API endpoint if APi is disabled * java: use default JRE package when version is not specified +* keepalived: change exit code (_warning_ if running but not on expected state ; _critical_ if not running) * listupgrade: better detection for PostgreSQL * listupgrade: sort/uniq of packages/services lists in email template * lxc-solr: detect the real partition options * lxc-solr: download URL according to Solr Version * lxc-solr: 
set homedir and port at install * minifirewall: whitelist deb.freexian.com +* openvpn: shellpki upstream release 22.12.2 +* openvpn: specifies that the mail for expirations is for OpenVPN * packweb-apache: manual dependencies resolution * redis: some values should be quoted * redis: variable to disable transparent hugepage (default: do nothing) -* squid: whitelist deb.freexian.com +* squid: whitelist `deb.freexian.com` * varnish: better package facts usage with check mode and tags * varnish: systemd override depends on Varnish version instead of Debian version -* keepalived: change exit code (warning if running but not on expected state ; critical if not running) -* openvpn: shellpki upstream release 22.12.2 -* openvpn: specifies that the mail for expirations is for OpenVPN ### Fixed -* evolinux-user: Fix sudoers privilege for check php\_fpm80 +* evolinux-user: Fix sudoers privilege for check `php_fpm80` * nagios-nrpe: Fix check opendkim for recent change in listening port -* varnish: fix missing state, that blocked the task -* proftpd: Fix format of public key files controlled by ansible -* proftpd: Fix mode of public key directory and files (they have to be accessible by proftpd:nobody) * openvpn: Fix mode of shellpki script +* proftpd: Fix format of public key files controlled by Ansible +* proftpd: Fix mode of public key directory and files (they have to be accessible by `proftpd:nobody`) +* varnish: fix missing state, that blocked the task ### Removed * openvpn: Deleted the task fixing the CRL rights since it has been fixed in upstream -### Security ## [22.09] 2022-09-19 @@ -194,7 +205,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * minifirewall: tail template follows symlinks * mysql: add "set crypt_use_gpgme=no" Mutt option, for mysqltuner -### Fixed +### Fixed * Role `postfix`: Add missing `localhost.localdomain localhost` to `mydestination` variable which caused undelivered of some local mails. 
diff --git a/apache/tasks/main.yml b/apache/tasks/main.yml index 39c8db24..1a028205 100644 --- a/apache/tasks/main.yml +++ b/apache/tasks/main.yml @@ -64,7 +64,6 @@ when: apache_mpm == "prefork" or apache_mpm == "itk" tags: - apache - when: not ansible_check_mode - name: Copy Apache defaults config file @@ -134,7 +133,6 @@ when: apache_evolinux_default_enabled | bool tags: - apache - when: not ansible_check_mode - include: server_status.yml tags: @@ -160,7 +158,6 @@ when: envvar_grep_umask.rc != 0 tags: - apache - when: not ansible_check_mode - include_role: name: evolix/remount-usr diff --git a/evomaintenance/templates/evomaintenance.j2 b/evomaintenance/templates/evomaintenance.j2 index 006d1c09..4a068fe6 100644 --- a/evomaintenance/templates/evomaintenance.j2 +++ b/evomaintenance/templates/evomaintenance.j2 @@ -11,7 +11,7 @@ FULLFROM="{{ evomaintenance_full_from }}" URGENCYFROM={{ evomaintenance_urgency_from }} URGENCYTEL="{{ evomaintenance_urgency_tel }}" REALM="{{ evomaintenance_realm }}" -API_ENDPOINT={{ evomaintenance_api_endpoint }} +API_ENDPOINT={{ evomaintenance_api_endpoint }} API_KEY={{ evomaintenance_api_key }} HOOK_API={{ evomaintenance_hook_api | bool | ternary('1','0') }} diff --git a/fail2ban/templates/jail.local.j2 b/fail2ban/templates/jail.local.j2 index 19c4f35b..3738ee33 100644 --- a/fail2ban/templates/jail.local.j2 +++ b/fail2ban/templates/jail.local.j2 @@ -38,7 +38,7 @@ bantime = {{ fail2ban_recidive_bantime }} # Evolix custom jails [wordpress-hard] -enabled = {{ fail2ban_wordpress_hard }} +enabled = {{ fail2ban_wordpress_hard }} port = http, https filter = wordpress-hard logpath = /var/log/auth.log @@ -47,7 +47,7 @@ findtime = {{ fail2ban_wordpress_hard_findtime }} bantime = {{ fail2ban_wordpress_hard_bantime }} [wordpress-soft] -enabled = {{ fail2ban_wordpress_soft }} +enabled = {{ fail2ban_wordpress_soft }} port = http, https filter = wordpress-soft logpath = /var/log/auth.log 
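Review bot: The three hunks in apache/tasks/main.yml (`@@ -64`, `@@ -134`, `@@ -160`) drop `when: not ansible_check_mode` rather than merging it with the task's first `when:`, which is how vrrpd/tasks/ip.yml handles the same guard in this commit. Each old task carried two `when:` keys, and a YAML loader normally keeps only the last one, so the `apache_mpm`, `apache_evolinux_default_enabled` and `envvar_grep_umask.rc != 0` conditions were probably never evaluated before. These tasks now run under different conditions than on deployed hosts and also run in check mode, which deserves a line in the commit message. The third task reads `envvar_grep_umask.rc`; if the task that registers it (outside the hunk) is a command that is skipped in check mode, `.rc` will be undefined there. If the guard is still wanted, write it as a list: `when:` followed by `- envvar_grep_umask.rc != 0` and `- not ansible_check_mode`.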
@@ -56,7 +56,7 @@ findtime = {{ fail2ban_wordpress_soft_findtime }} bantime = {{ fail2ban_wordpress_soft_bantime }} [roundcube] -enabled = {{ fail2ban_roundcube }} +enabled = {{ fail2ban_roundcube }} port = http, https filter = roundcube logpath = /var/lib/roundcube/logs/errors diff --git a/lxc-php/tasks/umask.yml b/lxc-php/tasks/umask.yml index 170851ab..8dc9039a 100644 --- a/lxc-php/tasks/umask.yml +++ b/lxc-php/tasks/umask.yml @@ -1,27 +1,27 @@ # Ajoute UMask=0007 à l'unité systemd PHP-FPM du conteneur LXC -# dans /etc/systemd/system/phpX.X-fpm.service.d/evolinux.conf +# dans /etc/systemd/system/phpX.X-fpm.service.d/evolinux.conf --- - name: "Définis le chemin du système de fichiers du conteneur LXC." set_fact: - lxc_rootfs_path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs" + lxc_rootfs_path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs" - name: "Crée des répertoires (si absents) pour surcharger la config des services PHP dans les conteneurs LXC." ansible.builtin.file: - path: "{{ lxc_rootfs_path }}/etc/systemd/system/{{ lxc_php_services[lxc_php_version] }}.d" + path: "{{ lxc_rootfs_path }}/etc/systemd/system/{{ lxc_php_services[lxc_php_version] }}.d" state: directory register: systemd_path - name: "[Service] est présent dans la surchage des services PHP-FPM des conteneurs LXC." ansible.builtin.lineinfile: - path: "{{ systemd_path.path }}/evolinux.conf" + path: "{{ systemd_path.path }}/evolinux.conf" regex: "\\[Service\\]" line: "[Service]" create: yes - name: "UMask=0007 est présent dans la surchage des services PHP-FPM des conteneurs LXC." ansible.builtin.lineinfile: - path: "{{ systemd_path.path }}/evolinux.conf" + path: "{{ systemd_path.path }}/evolinux.conf" regex: "^UMask=" line: "UMask=0007" insertafter: "\\[Service\\]" diff --git a/packweb-apache/tasks/update_userlogrotate.yml b/packweb-apache/tasks/update_userlogrotate.yml index a94080b0..1e8a6d85 100644 --- a/packweb-apache/tasks/update_userlogrotate.yml +++ b/packweb-apache/tasks/update_userlogrotate.yml 
@@ -9,7 +9,7 @@ - name: "Met-à-jour userlogrotate" ansible.builtin.copy: src: userlogrotate - dest: "{{ item }}" + dest: "{{ item }}" mode: "0755" loop: "{{ find_logrotate.files }}" when: find_logrotate.files | length>0 diff --git a/tomcat-instance/defaults/main.yml b/tomcat-instance/defaults/main.yml index 6a2ec877..92e68738 100644 --- a/tomcat-instance/defaults/main.yml +++ b/tomcat-instance/defaults/main.yml @@ -1,5 +1,5 @@ --- tomcat_instance_java_path: '/usr/lib/jvm/java-7-openjdk-amd64' tomcat_instance_root: '/srv/tomcat' -tomcat_instance_shutdown: "{{ tomcat_instance_port | int + 1 }}" +tomcat_instance_shutdown: "{{ tomcat_instance_port | int + 1 }}" tomcat_instance_mps: 256 diff --git a/vrrpd/tasks/ip.yml b/vrrpd/tasks/ip.yml index 59594395..273c882e 100644 --- a/vrrpd/tasks/ip.yml +++ b/vrrpd/tasks/ip.yml @@ -17,4 +17,6 @@ daemon_reload: yes enabled: yes state: "{{ vrrp_address.state }}" - when: vrrp_systemd_unit is changed \ No newline at end of file + when: + - vrrp_systemd_unit is changed + - not ansible_check_mode \ No newline at end of file
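Review bot: The new side of vrrpd/tasks/ip.yml still ends with `\ No newline at end of file` after `- not ansible_check_mode`; end the file with a newline so the next patch does not have to touch this line again. The added check-mode guard has no comment saying why the task is skipped in a dry run. If the reason is that the unit file is not written in check mode, a line such as `# skipped in check mode: the unit file is not written, so there is nothing to enable` above `when:` would record it. The same task keeps `daemon_reload: yes` and `enabled: yes`, where `true` is the form yamllint's truthy rule accepts. The task starts outside the hunk.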