diff --git a/apt/repositories.sls b/apt/repositories.sls
index 2e6eeb5..4ae6119 100644
--- a/apt/repositories.sls
+++ b/apt/repositories.sls
@@ -33,22 +33,41 @@ debian-archive-keyring:
 {%- set r_comps = args.comps|default(['main'])|join(' ') %}
 {%- set r_keyserver = args.keyserver if args.keyserver is defined else apt_map.default_keyserver %}
 
+  {%- if args.key_url is defined %}
+    {%- set key_body = salt['http.query'](args.key_url).get('body', '') %}
+    {%- set key_id = salt['cmd.shell']('apt-key adv --with-fingerprint --with-colons | grep pub', stdin=key_body).split(':')[4] %}
+    {%- if key_id not in salt['pkg.get_repo_keys']().keys() %}
+apt_key {{ repo }} {{ args.key_url }}:
+  module.run:
+    - name: pkg.add_repo_key
+    - text: |
+        {{ key_body|indent(8) }}
+    {%- endif %}
+  {%- elif args.keyid is defined %}
+    {%- set long_keys = salt['pkg.get_repo_keys']().keys() %}
+    {%- set short_keys = [] %}
+    {%- for long_key in long_keys %}
+    {%-   do short_keys.append(long_key[-8:]) %}
+    {%- endfor %}
+    {%- if args.keyid not in long_keys and args.keyid not in short_keys %}
+apt_key {{ repo }} {{ args.keyid }}:
+  module.run:
+    - name: pkg.add_repo_key
+    - keyserver: {{ r_keyserver }}
+    - keyid: {{ args.keyid }}
+    {%- endif %}
+  {%- endif %}
+
+
   {%- for type in args.type|d(['binary']) %}
   {%- set r_type = 'deb-src' if type == 'source' else 'deb' %}
 
-{{ r_type }} {{ repo }}:
-  pkgrepo.managed:
-    - name: {{ r_type }} {{ r_arch }} {{ r_url }} {{ r_distro }} {{ r_comps }}
-    - file: {{ sources_list_dir }}/{{ repo }}-{{ type }}.list
-    {# You can use either keyid+keyserver or key_url. If both are provided
-       the latter will be used. #}
-    {% if args.key_url is defined %}
-    - key_url: {{ args.key_url }}
-    {% elif args.keyid is defined %}
-    - keyid: {{ args.keyid }}
-    - keyserver: {{ r_keyserver }}
-    {% endif %}
-    - clean_file: true
+{{ sources_list_dir }}/{{ repo }}-{{ type }}.list:
+  file.managed:
+    - contents: |
+        {{ r_type }} {{ r_arch }} {{ r_url }} {{ r_distro }} {{ r_comps }}
+    - require_in:
+      - file: {{ sources_list_dir }}
 
   {%- endfor %}
 {% endfor %}