diff --git a/hydra/modules/sysadmin/overdrive.scm b/hydra/modules/sysadmin/overdrive.scm
index 43ad9dc..a74fea7 100644
--- a/hydra/modules/sysadmin/overdrive.scm
+++ b/hydra/modules/sysadmin/overdrive.scm
@@ -30,6 +30,8 @@
   #:use-module (gnu services mcron)
   #:use-module (gnu services ssh)
   #:use-module (gnu services vpn)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-26)
   #:use-module ((sysadmin services) #:select (berlin-wireguard-peer))
   #:export (overdrive-system))
 
@@ -167,4 +169,16 @@
                              '("--max-jobs=2" "--cores=3")))))))
 
     (packages (cons* btrfs-progs screen openssh strace nss-certs
-                     %base-packages))))
+                     %base-packages))
+
+    ;; Allow sysadmins (sudoers) to use 'sudo' without a password so
+    ;; they can 'guix deploy' these machines as their own user.
+    (sudoers-file
+     (plain-file "sudoers"
+                 (string-join
+                  (append (remove (cut string-prefix? "%wheel" <>)
+                                  (string-split
+                                   (string-trim-right (plain-file-content
+                                                       %sudoers-specification))
+                                   #\newline))
+		          (list "%wheel ALL = NOPASSWD: ALL\n")) "\n")))))