defaults/main.yml

@@ -19,4 +19,5 @@ enable_sudo: yes
 # Allow passwordless sudo (applied to group wheel)
 enable_passwordless_sudo: yes
 # Skip provisioning of the firewall
-skip_firewall: no
+skip_firewall: no
+authorized_keys_are_exclusive: false # Be careful, this will delete non-Ansible-managed authorized keys from the target!

tasks/users.yml

@@ -44,8 +44,9 @@
     user: "{{ item }}"
     state: present
     key: "{{ lookup('file', 'public_keys/id_{{ item }}.pub') }}"
+    exclusive: "{{ authorized_keys_are_exclusive | bool }}"
   with_items: "{{ users }}"
-  ignore_errors: yes
+  ignore_errors: true
 
 - block:
     - name: 'Ensure that wheel group is existing'