diff --git a/ansible/system.yaml b/ansible/system.yaml
index 446f229da5aeb77fc735856e096bf112de3d5eb1..218b68d9080757ec08cab50d19e118bc1d2b69a9 100644
--- a/ansible/system.yaml
+++ b/ansible/system.yaml
@@ -2,8 +2,20 @@
 - hosts: all
   gather_facts: no
   tasks:
+    - name: Make sure we have a 'wheel' group
+      become: true
+      group:
+        name: wheel
+        state: present
+    - name: Allow 'wheel' group to have passwordless sudo
+      become: true
+      lineinfile:
+        dest: /etc/sudoers
+        state: present
+        regexp: '^%wheel'
+        line: '%wheel ALL=(ALL) NOPASSWD: ALL'
     - name: Create {{ deploy_user_name }} user
-      user: name={{ deploy_user_name }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa
+      user: name={{ deploy_user_name }} groups=wheel append=yes state=present createhome=yes generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa
       become: true
     - name: install git
       yum: name=git state=present