diff --git a/roles/common/tasks/ansibleuser.yml b/roles/common/tasks/ansibleuser.yml
index 2cfc2d3..5a0b6c2 100644
--- a/roles/common/tasks/ansibleuser.yml
+++ b/roles/common/tasks/ansibleuser.yml
@@ -9,6 +9,12 @@
         password_lock: yes
         system: yes
       become: yes
+    - name: Ensure perms on Ansible user home
+      file:
+        path: "/home/ansible"
+        mode: "0700"
+        owner: ansible
+        group: ansible
     - name: Add Ansible key to user
       authorized_key:
         user: ansible