diff --git a/group_vars/git.yml b/group_vars/git.yml
index d5b7e1a0..1fc3b636 100644
--- a/group_vars/git.yml
+++ b/group_vars/git.yml
@@ -22,6 +22,38 @@ apt_packages_extra:
 ### mgrote_restic
 restic_folders_to_backup: "/usr/local /etc /root /home {{ gitea_home }}"
 
+### mgrote_user
+users:
+  - username: mg
+    password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}"
+    update_password: always
+    groups:
+      - ssh
+      - sudo
+    state: present
+    public_ssh_key: "{{ ssh_public_key_mg }}"
+    allow_sudo: true
+    allow_passwordless_sudo: true
+  - username: ansible-user
+    password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}"
+    update_password: always
+    groups:
+      - ssh
+      - sudo
+    state: present
+    public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE
+    allow_sudo: true
+    allow_passwordless_sudo: true
+  - username: "{{ gitea_db_user }}"
+    password: "{{ gitea_db_password }}"
+    update_password: always
+    groups:
+      - ssh
+      - sudo
+    state: present
+#    allow_sudo: true
+#    allow_passwordless_sudo: true
+
 ### geerlingguy_postgres
 postgresql_databases:
   - name: "{{ gitea_db_name }}"
@@ -29,7 +61,7 @@ postgresql_users:
   - name: "{{ gitea_db_user }}"
     password: "{{ gitea_db_password }}"
 
-postgres_users_no_log: false
+postgres_users_no_log: false # TODO wieder weg
 
 ### oefenweb.ufw
 ufw_rules: