diff --git a/group_vars/all/plain.yml b/group_vars/all/plain.yml
index 5260896..e48e6d4 100644
--- a/group_vars/all/plain.yml
+++ b/group_vars/all/plain.yml
@@ -58,13 +58,20 @@ alertmanager_channel_smardigo: "#monitoring-{{ stage }}"
 hetzner_server_type: cx11
 hetzner_server_image: ubuntu-20.04
 
+awx_ansible_user_name: "awx"
+awx_ansible_user_ssh_key_private: "{{ ansible_ssh_key_private_vault }}"
+awx_credential_machine_hetzner_name: hetzner-ansible-ssh
+
+gitlab_ansible_user_name: "gitlabci"
+
 # used for root-access by hetzner on server creation (@see cloud console/security/ssh-keys)
 hetzner_ssh_keys:
-  - awx@netgo.de
-  - sven.ketelsen@netgo.de
-  - peter.heise@netgo.de
-  - claus.paetow@netgo.de
-  - friedrich.goerz@netgo.de
+  - "claus.paetow@netgo.de"
+  - "friedrich.goerz@netgo.de"
+  - "peter.heise@netgo.de"
+  - "sven.ketelsen@netgo.de"
+  - "{{ awx_ansible_user_name }}@netgo.de"
+  - "{{ gitlab_ansible_user_name }}@netgo.de"
 
 hetzner_server_labels: "stage={{ stage }}"
 
@@ -91,10 +98,6 @@ sudo_group: "{{ sudo_groups
   | first
   | replace('.','-') }}"
 
-awx_ansible_user_name: "awx"
-awx_ansible_user_ssh_key_private: "{{ ansible_ssh_key_private_vault }}"
-awx_credential_machine_hetzner_name: hetzner-ansible-ssh
-
 # whitelist for outdated user detection - they wont't be deleted at all
 default_plattform_users:
   - 'nobody'
@@ -110,6 +113,7 @@ smardigo_plattform_users:
   - 'peter.heise'
   - 'sven.ketelsen'
   - '{{ awx_ansible_user_name }}'
+  - '{{ gitlab_ansible_user_name }}'
 
 ip_whitelist_admins:
   - "79.215.10.239/32" # sven
diff --git a/users/gitlabci/ssh.pub b/users/gitlabci/ssh.pub
new file mode 100644
index 0000000..56912f1
--- /dev/null
+++ b/users/gitlabci/ssh.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC56R1WdRlekdRxDNM2r4pIK+y0t/mzplmZQxXXMxlWVIH8l4Sdqt6K/vteiX8kAepaPmqCo8iV16Dh2a5pxI1TnziJhoY9OmAu75qn/NRj9ePm0ZC/XjULcZS2GhlxlonVb//bvU6uwK4z1cbgsTkp4da39KLd7yyH2mBkCeKpAubp0Tqzve8uf15PUVU6aRF2YLqqhlOut3capISDnp9HTwQxEO6Kxy4qK0gyn18CCl83ThkT1QRJ8xs4vmDCsdv8KH+ia5PwdKX0taQji5oH5iL3in/fAfSTQoutWWPNWMHlUsmkPOml78zGzsRNa9y3CLUFLvQtuBk+o++dn23UAW495juj01i+VE1GsgGUQTjp7X2Ok3X7Ps4vKixLzVx6bTsLdEQCMyQZybAY9OGkGbLO1DpEciIK2NNwmBDZELVKVPcQrZ7TjG55goGP04505YA0XkbdMocO4ko0sAdPvcWF/60hVpORWzbMXl+f0QX5ll/ZsSylpwcDCMKV+zc= gitlabci@git.dev-at.de
diff --git a/users/outdated/ansible.2022.03.18.pub b/users/outdated/ansible.2022.03.18.pub
deleted file mode 100644
index a090b85..0000000
--- a/users/outdated/ansible.2022.03.18.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDNLUecch9TFY4feiE+4Scq7at7JLkIPnQIbwFMjUrYEsuHIQlyWuxfiUtCcTYRcS7eDSk0gPyAADPAkDSHpeOtF9CXAISWm4kORu9S3lgIm7113QT2xGdyag19G/Qrm0RHzujaBbAuRh4R7OK93+l2GqxBrL5ryHVDquTPoNxtBBCEfvAsEEoC2wRjyvWKfR6/rl8wTAOD+1Sty8iixUg6IVABOBN6ZjbSZ8WoWIqwgvZ5P55TkfSyQSbXArM8yqLRwHEHsSBZ0lCJmNS+Y6003dkjvY8UDAu4/VPhETH6l7kzvXNty64AjQGqbj569KtvBJINt7GtuwXq3bFzdRf61mSOfx+JAIzmJYCr0VrqOgTUhrnW9QY31FXUxr97nJRCa7s6E6+r4og0QkatLfLqnoCdJ/V+rK/TzUtywDWeTCInzHOEZgd2K/Rin3vnKFGpsPLZasVNS1KR3m/+r4BqCEO2/D/8xoV3Z8fegyBczrxn8cXpuUp7kIro5p2xpZ8= ansible@smardigo.digital