diff --git a/Unix.yaml b/Unix.yaml
index c1606a9..72a3b1b 100644
--- a/Unix.yaml
+++ b/Unix.yaml
@@ -2,6 +2,9 @@
 - hosts: localhost
 
   roles:
+    - role: sudo
+      when: ansible_user_id != "root"
+
     - role: zsh
     - role: neovim
     - role: tmux
diff --git a/roles/sudo/tasks/main.yaml b/roles/sudo/tasks/main.yaml
new file mode 100644
index 0000000..d7b07cc
--- /dev/null
+++ b/roles/sudo/tasks/main.yaml
@@ -0,0 +1,12 @@
+---
+- assert:
+    that: ansible_user_id != "root"
+
+- name: create /etc/sudoers.d/{user} config file
+  become: true
+  template:
+    src: sudoers
+    dest: '/etc/sudoers.d/{{ansible_user_id}}'
+    owner: root
+    group: root
+    mode: '0440'
diff --git a/roles/sudo/templates/sudoers b/roles/sudo/templates/sudoers
new file mode 100644
index 0000000..f034056
--- /dev/null
+++ b/roles/sudo/templates/sudoers
@@ -0,0 +1 @@
+{{ansible_user_id}}	ALL=(ALL)	NOPASSWD:ALL