diff --git a/roles/jenkins/ansible.list b/roles/jenkins/files/ansible.list
similarity index 100%
rename from roles/jenkins/ansible.list
rename to roles/jenkins/files/ansible.list
diff --git a/roles/jenkins/tasks/main.yml b/roles/jenkins/tasks/main.yml
index 3c2e2fe..ef27b0e 100644
--- a/roles/jenkins/tasks/main.yml
+++ b/roles/jenkins/tasks/main.yml
@@ -14,8 +14,15 @@
     key: "{{ jenkins_sshkey }}"
   when: jenkins_sshkey is defined
 
-- name: Install Ansible source
+- name: Give Jenkins user passwordless sudo
   template:
+    src: jenkins_sudoers.j2
+    dest: /etc/sudoers.d/{{ jenkins_user }}
+    validate: "visudo -cf %s"
+    mode: 0440
+
+- name: Install Ansible source
+  copy:
     src: ansible.list
     dest: /etc/apt/sources.list.d/ansible.list
 
diff --git a/roles/jenkins/templates/jenkins_sudoers.j2 b/roles/jenkins/templates/jenkins_sudoers.j2
new file mode 100644
index 0000000..d992505
--- /dev/null
+++ b/roles/jenkins/templates/jenkins_sudoers.j2
@@ -0,0 +1 @@
+{{ jenkins_user }} ALL=(ALL:ALL) NOPASSWD:ALL