diff --git a/defaults/main.yml b/defaults/main.yml
index 6ad5cde..d0144fd 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -16,6 +16,40 @@ uca_enable: True
 uca_apt_repo_url: "http://ubuntu-cloud.archive.canonical.com/ubuntu"
+# If you want to use your own keys for UCA or RDO (instead of ubuntu or
+# CentOS defaults), please define user_external_repo_key dict with
+# keys/values corresponding to the ansible module arguments for your
+# distribution.
+#
+# For CentOS you'd define the following:
+#user_external_repo_key:
+# key: https://my-repo.example.com/signing-key.asc
+# You could also use key: from a keyserver, see ansible rpm_key doc.
+# Validate cert option from the module is also supported.
+# In CentOS, refusing to use the RDO package also forces you to add your own
+# repository. See below to know how to include your own repository.
+#
+# For Ubuntu, you'd define the following:
+#user_external_repo_key:
+# url: https://my-repo.example.com/signing-key.asc
+# This leverages apt_key module, and passes the id, keyserver, and url argument.
+# Therefore, you can ensure the id of the key you want to import with id:
+# or replace the source url with a keyserver.
+
+# If you have defined another set of keys you want to include, the chances are
+# high you want to give also your own repository.
+# For CentOS, define the following dict+key/values:
+#user_external_repo:
+# name: "mymirror"
+# baseurl: "http://mymirrorurl/baseurl/"
+#See also gpgcheck, gpgkey, description of the Ansible yum_repository module
+# For Ubuntu, define something like the following:
+#user_external_repo:
+# repo: "deb http://mymirrorurl/ubuntu/ xenial main"
+# filename: "mymirror"
+# If your mirror includes UCA mirroring, you may then want to disable using uca
+# by setting in your user variables uca_enable: False
+
 # Set the package install state for distribution packages
 # Options are 'present' and 'latest'
 pip_install_package_state: "latest"
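Review bot: The Ubuntu example for `user_external_repo_key` in the added comment block shows only `url:`, so a deployer who copies it trusts whatever key that URL serves, with nothing to compare it against. The text already says `id:` is passed through to apt_key, so the example should show it, e.g. `#  id: <FULL_KEY_FINGERPRINT>` above the `url:` line, with a remark that the full fingerprint is preferable to a short key id. The CentOS repo example would likewise be safer to copy if it showed `gpgcheck: yes` and `gpgkey:` instead of leaving them to the "See also" line. Both repo examples use `http://` mirror URLs, which is acceptable only while package signature checking stays enabled.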
diff --git a/tasks/pre_install.yml b/tasks/pre_install.yml
index bad3151..e0253ea 100644
--- a/tasks/pre_install.yml
+++ b/tasks/pre_install.yml
@@ -20,10 +20,13 @@
 when:
 - ansible_pkg_mgr == 'apt'
-- name: Install external repo key package
+# Under CentOS, this will add the repo and its key to the keyring
+# Under Ubuntu, this will only add the key
+- name: Install external repo key with package
 package:
 name: "{{ pip_install_external_repo_key_package }}"
 state: "{{ pip_install_package_state }}"
+ when: user_external_repo_key is not defined
 tags:
 - add-repo-keys
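Review bot: The new `when: user_external_repo_key is not defined` skips this package whenever the deployer supplies a key, and per the comment added just above, on CentOS that package is also what adds the repository. Nothing visible in this change checks that `user_external_repo` is set in that case, so a CentOS host can end up with a trusted key and no repository, and the failure only shows later at package install. A small guard task before the key tasks would fail early with a clear message, for example an `assert` with `that: user_external_repo is defined` under `when: ansible_pkg_mgr == 'yum' and user_external_repo_key is defined`. It would also help to extend the comment to state that defining the key variable disables the packaged key and repo.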
@@ -43,6 +46,72 @@
 tags:
 - add-uca-repo
+- name: Install external repo key manually (apt)
+ apt_key:
+ id: "{{ user_external_repo_key.id | default(omit) }}"
+ keyserver: "{{ user_external_repo_key.keyserver | default(omit) }}"
+ url: "{{ user_external_repo_key.url | default(omit) }}"
+ state: present
+ when:
+ - ansible_pkg_mgr == 'apt'
+ - user_external_repo_key is defined
+ register: add_keys
+ until: add_keys|success
+ retries: 5
+ delay: 2
+ tags:
+ - add-repo-keys
+
+- name: Install external repo key manually (rpm)
+ rpm_key:
+ key: "{{ user_external_repo_key.key }}"
+ validate_certs: "{{ user_external_repo_key.validate_certs | default(omit) }}"
+ state: present
+ when:
+ - ansible_pkg_mgr == 'yum'
+ - user_external_repo_key is defined
+ register: add_keys
+ until: add_keys|success
+ retries: 5
+ delay: 2
+ tags:
+ - add-repo-keys
+
+- name: Install external repo manually (apt)
+ apt_repository:
+ repo: "{{ user_external_repo.repo }}"
+ state: "{{ user_external_repo.state | default('present') }}"
+ update_cache: yes
+ filename: "{{ user_external_repo.filename | default(omit) }}"
+ register: user_external_repo
+ until: user_external_repo|success
+ retries: 5
+ delay: 2
+ when:
+ - ansible_pkg_mgr == 'apt'
+ - user_external_repo is defined
+ tags:
+ - add-external-repo
+
+- name: Install external repo manually (yum)
+ yum_repository:
+ name: "{{ user_external_repo.name }}"
+ description: "{{ user_external_repo.description | default(omit) }}"
+ baseurl: "{{ user_external_repo.baseurl | default(omit) }}"
+ gpgkey: "{{ user_external_repo.gpgkey | default(omit) }}"
+ gpgcheck: "{{ user_external_repo.gpgcheck | default(omit) }}"
+ enabled: "{{ user_external_repo.enabled | default('yes') }}"
+ register: user_external_repo
+ until: user_external_repo|success
+ retries: 5
+ delay: 2
+ when:
+ - ansible_pkg_mgr == 'yum'
+ - user_external_repo is defined
+ - user_external_repo.name is defined
+ tags:
+ - add-external-repo
+
 - name: Install packages
 package:
 name: "{{ item
}}"
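Review bot: Both "Install external repo manually" tasks use `register: user_external_repo`, which is also the name of the deployer-supplied dict they read. A registered result is stored even when the task is skipped, so on a yum host the skipped apt task may replace the dict before the yum task evaluates `user_external_repo.name is defined`, leaving the repository silently unconfigured; whether this happens depends on where the variable was set, since extra vars would still take precedence. A separate result name avoids it in both tasks, e.g. `register: add_external_repo` with `until: add_external_repo|success`. Separately, `gpgcheck` falls back to `omit` in the yum task, so signature enforcement for the user repo depends on the host's yum defaults; `default('yes')` would make it explicit. The trailing `Install packages` task continues past the end of the hunk.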