diff --git a/ansible/infra/nodito/33_proxmox_debian_cloud_template.yml b/ansible/infra/nodito/33_proxmox_debian_cloud_template.yml
index 6a123d7..e0fedcd 100644
--- a/ansible/infra/nodito/33_proxmox_debian_cloud_template.yml
+++ b/ansible/infra/nodito/33_proxmox_debian_cloud_template.yml
@@ -39,8 +39,6 @@
       changed_when: false
       failed_when: pve_version_check.rc != 0
 
-    
-
     - name: Ensure destination directory exists for cloud image
       file:
         path: "{{ debian_cloud_image_dest_dir }}"
@@ -75,18 +73,31 @@
         state: directory
         mode: '0755'
 
+    - name: Read SSH public key content
+      slurp:
+        src: "{{ proxmox_sshkey_path }}"
+      register: ssh_key_content
+
+    - name: Extract SSH keys from authorized_keys file
+      set_fact:
+        ssh_keys_list: "{{ ssh_key_content.content | b64decode | split('\n') | select('match', '^ssh-') | list }}"
+
     - name: Write cloud-init user-data snippet to install qemu-guest-agent
       copy:
         dest: "{{ zfs_pool_mountpoint }}/snippets/{{ qemu_agent_snippet_filename }}"
         mode: '0644'
         content: |
           #cloud-config
-          package_update: false
-          package_upgrade: false
+          user: {{ proxmox_ciuser }}
+          ssh_authorized_keys:
+          {{ ssh_keys_list | to_nice_yaml | indent(10, first=True) }}
+          package_update: true
+          package_upgrade: true
           packages:
             - qemu-guest-agent
           runcmd:
-            - [ systemctl, enable, --now, qemu-guest-agent ]
+            - systemctl enable qemu-guest-agent
+            - systemctl start qemu-guest-agent
 
     - name: Check if VMID already exists
       command: qm config {{ proxmox_template_vmid }}
@@ -133,6 +144,7 @@
     - name: Remove existing ide2 (cloudinit) drive if it exists for idempotency
       command: >
         qm set {{ proxmox_template_vmid }} --delete ide2
+      register: ide2_removed
       when:
         - vmid_config_check.rc == 0
         - "'ide2:' in vm_config_check.stdout"
@@ -159,13 +171,13 @@
             + ['--cicustom user=local:snippets/' ~ qemu_agent_snippet_filename]
           }}
       when:
-        - vmid_config_check.rc != 0 or not vm_already_template | default(false)
+        - vmid_config_check.rc != 0 or not vm_already_template | default(false) or ide2_removed.changed | default(false)
 
     - name: Apply consolidated qm set
       command: >
         qm set {{ proxmox_template_vmid }} {{ qm_set_args | join(' ') }}
       when:
-        - vmid_config_check.rc != 0 or not vm_already_template | default(false)
+        - vmid_config_check.rc != 0 or not vm_already_template | default(false) or ide2_removed.changed | default(false)
 
     - name: Resize primary disk to requested size
       command: >
@@ -177,13 +189,3 @@
       command: qm template {{ proxmox_template_vmid }}
       when:
         - vmid_config_check.rc == 0 and not vm_already_template or vmid_config_check.rc != 0
-
-    - name: Show resulting template configuration
-      command: qm config {{ proxmox_template_vmid }}
-      register: final_template_config
-      changed_when: false
-
-    - name: Debug final template config
-      debug:
-        msg: "{{ final_template_config.stdout }}"
-