SSH authorized keys should be managed through Ansible. I plan on adding it.

Current state is to use authorized_keys2 because authorized_keys is managed by Octopuce's Puppet, therefore any modification would be erased. Everything is on root account, we don't have personal accounts.

For now we'll keep working with it.

As for the question: I'll do a common role in the repository. As it's not the kind of role you keep generic, I don't think having it in a separate repository is the way to go.

Now two questions:

• Current files seems to have been modified, people in the files are not the same as those in the pad. Do I refer to the server file as the truth and use this?
• Do you prefer to keep it as simple as possible and just do a bare copy of the file, or a template and configure every user and parameters in a config file instead?