diff --git a/tasks/main.yml b/tasks/main.yml
index 63b9520..6b0ac84 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -36,6 +36,24 @@
 - name: "Lock root user"
 command: "passwd -l root"
 
+- name: Add deploy user
+ user:
+ name: "{{ common_deploy_user_name }}"
+ shell: /bin/bash
+
+- name: Add authorized keys for deploy user
+ authorized_key:
+ user: "{{ common_deploy_user_name }}"
+ key: "{{ lookup('file', item) }}"
+ with_items: "{{ common_deploy_public_key }}"
+
+- name: Add deploy user to sudoers
+ lineinfile:
+ dest: "/etc/sudoers"
+ regexp: "{{ common_deploy_user_name }} ALL"
+ line: "{{ common_deploy_user_name }} ALL=(ALL) NOPASSWD: ALL"
+ state: "present"
+
 - name: "Download Pip"
 get_url:
 url: "https://bootstrap.pypa.io/get-pip.py"
diff --git a/vars/main.yml b/vars/main.yml
index fa40be6..fae2db4 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -13,3 +13,5 @@ apt_packages:
 - mosh
 
 timezone: Europe/Zurich
+
+common_deploy_user_name: ansible
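Review bot: The "Add deploy user to sudoers" task in tasks/main.yml edits `/etc/sudoers` in place with no syntax check, and it runs after the context task that locks the root password, so a malformed line can break sudo on a host that has no root password to fall back on. Add `validate: "visudo -cf %s"` to the `lineinfile` task and anchor the pattern, `regexp: '^{{ common_deploy_user_name }} ALL'`, because the unanchored form also matches a comment or another entry that merely contains the name, and `lineinfile` would then overwrite that line. `NOPASSWD: ALL` makes possession of the deploy SSH key equivalent to root; if the deploy workflow needs only a few commands, list them instead of `ALL`. The `authorized_key` task only adds keys, so a key dropped from `common_deploy_public_key` stays authorised on hosts that already have it, as far as this hunk shows.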
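Review bot: `common_deploy_public_key`, which the new `authorized_key` task in tasks/main.yml loops over, is not defined in this vars/main.yml hunk or anywhere else in the diff, so unless inventory or group_vars supply it the role will fail on an undefined variable at that task. Consider documenting it next to `common_deploy_user_name` with a comment such as `# common_deploy_public_key: list of public key file paths on the control machine (required)`. Role `vars/main.yml` also takes precedence over inventory and play variables, so the account name set here cannot easily be overridden per environment; `defaults/main.yml` is the conventional place for a value like this.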