diff --git a/agents.tf b/agents.tf
index 39562e6..7e9724e 100644
--- a/agents.tf
+++ b/agents.tf
@@ -24,10 +24,7 @@ resource "hcloud_server" "agents" {
   }
 
   provisioner "file" {
-    content = templatefile("${path.module}/templates/config.ign.tpl", {
-      name           = self.name
-      ssh_public_key = local.ssh_public_key
-    })
+    content     = local.ignition_config
     destination = "/root/config.ign"
   }
 
diff --git a/locals.tf b/locals.tf
index 6c5a399..ce74971 100644
--- a/locals.tf
+++ b/locals.tf
@@ -38,6 +38,34 @@ locals {
     "umount /mnt"
   ]
 
+  ignition_config = jsonencode({
+    ignition = {
+      version = "3.0.0"
+    }
+    passwd = {
+      users = [{
+        name              = "root"
+        sshAuthorizedKeys = concat([local.ssh_public_key], var.additional_public_keys)
+      }]
+    }
+    storage = {
+      files = [
+        {
+          path      = "/etc/sysconfig/network/ifcfg-eth1"
+          mode      = 420
+          overwrite = true
+          contents  = { "source" = "data:,BOOTPROTO%3D%27dhcp%27%0ASTARTMODE%3D%27auto%27" }
+        },
+        {
+          path      = "/etc/ssh/sshd_config.d/kube-hetzner.conf"
+          mode      = 420
+          overwrite = true
+          contents  = { "source" = "data:,PasswordAuthentication%20no%0AX11Forwarding%20no%0AMaxAuthTries%202%0AAllowTcpForwarding%20no%0AAllowAgentForwarding%20no%0AAuthorizedKeysFile%20.ssh%2Fauthorized_keys" }
+        }
+      ]
+    }
+  })
+
   combustion_script = <<EOF
 #!/bin/bash
 # combustion: network
@@ -60,4 +88,5 @@ udevadm settle
   install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=server sh -"])
 
   install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_EXEC=agent sh -"])
+
 }
diff --git a/master.tf b/master.tf
index fb1acd0..9096ab1 100644
--- a/master.tf
+++ b/master.tf
@@ -22,10 +22,7 @@ resource "hcloud_server" "first_control_plane" {
   }
 
   provisioner "file" {
-    content = templatefile("${path.module}/templates/config.ign.tpl", {
-      name           = self.name
-      ssh_public_key = local.ssh_public_key
-    })
+    content     = local.ignition_config
     destination = "/root/config.ign"
   }
 
diff --git a/servers.tf b/servers.tf
index e574a7e..18b48b7 100644
--- a/servers.tf
+++ b/servers.tf
@@ -23,10 +23,7 @@ resource "hcloud_server" "control_planes" {
   }
 
   provisioner "file" {
-    content = templatefile("${path.module}/templates/config.ign.tpl", {
-      name           = self.name
-      ssh_public_key = local.ssh_public_key
-    })
+    content     = local.ignition_config
     destination = "/root/config.ign"
   }
 
diff --git a/templates/config.ign.tpl b/templates/config.ign.tpl
deleted file mode 100644
index 009807e..0000000
--- a/templates/config.ign.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{
-  "ignition": {
-    "version": "3.0.0"
-  },
-  "passwd": {
-    "users": [
-      {
-        "name": "root",
-        "sshAuthorizedKeys": [
-          "${ssh_public_key}"
-        ]
-      }
-    ]
-  },
-  "storage": {
-    "files": [
-      {
-        "path": "/etc/sysconfig/network/ifcfg-eth1",
-        "mode": 420,
-        "overwrite": true,
-        "contents": { "source": "data:,BOOTPROTO%3D%27dhcp%27%0ASTARTMODE%3D%27auto%27" }
-      },
-      {
-        "path": "/etc/ssh/sshd_config.d/kube-hetzner.conf",
-        "mode": 420,
-        "overwrite": true,
-        "contents": { "source": "data:,PasswordAuthentication%20no%0AX11Forwarding%20no%0AMaxAuthTries%202%0AAllowTcpForwarding%20no%0AAllowAgentForwarding%20no%0AAuthorizedKeysFile%20.ssh%2Fauthorized_keys" }
-      }
-    ]
-  }
-}
diff --git a/variables.tf b/variables.tf
index e23c2bc..9346e5d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -14,6 +14,12 @@ variable "private_key" {
   type        = string
 }
 
+variable "additional_public_keys" {
+  description = "Additional SSH public Keys. Use them to grant other team members root access to your cluster nodes"
+  type        = list(string)
+  default     = []
+}
+
 variable "location" {
   description = "Default server location"
   type        = string