diff --git a/defaults/main.yaml b/defaults/main.yaml
index 1bd7317..902f20c 100644
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@@ -23,6 +23,7 @@ nodepool_task_manager:
 nodepool_user_name: nodepool
 nodepool_user_group: nodepool
 nodepool_user_home: /var/lib/nodepool
+nodepool_user_home_mode: 0755
 # nodepool_user_shell:
 nodepool_file_nodepool_yaml_dest: /etc/nodepool/nodepool.yaml
diff --git a/molecule/tests/test_role.py b/molecule/tests/test_role.py
index 6b87e65..f3364f2 100644
--- a/molecule/tests/test_role.py
+++ b/molecule/tests/test_role.py
@@ -27,7 +27,7 @@ def test_nodepool_user(host):
 assert f.is_directory
 assert f.user == 'nodepool'
 assert f.group == 'nodepool'
- # TODO(pabelanger): Validate mode
+ assert f.mode == 0o755
 def test_nodepool_config(host):
diff --git a/tasks/pre.yaml b/tasks/pre.yaml
index 067f9de..1b5da65 100644
--- a/tasks/pre.yaml
+++ b/tasks/pre.yaml
@@ -12,12 +12,12 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 ---
-- name: Create group account.
+- name: Create group account
 become: true
 group:
 name: "{{ nodepool_user_group }}"
-- name: Create user account.
+- name: Create user account
 become: true
 user:
 createhome: true
@@ -25,3 +25,9 @@
 home: "{{ nodepool_user_home }}"
 name: "{{ nodepool_user_name }}"
 shell: "{{ nodepool_user_shell|default(omit) }}"
+
+- name: Set permissions on home directory
+ become: true
+ file:
+ path: "{{ nodepool_user_home }}"
+ mode: "{{ nodepool_user_home_mode }}"
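Review bot: The new default in defaults/main.yaml, `nodepool_user_home_mode: 0755`, is an unquoted scalar, so the YAML loader most likely hands Ansible the integer 493 rather than the octal string the `file` module documents as the unambiguous form. It appears to work only because `mode: "{{ nodepool_user_home_mode }}"` in tasks/pre.yaml is a lone variable reference whose type is passed through; if the value is ever stringified on the way (for example inside a longer template expression), the module would receive `493` and either reject it or apply an unintended mode. Quoting removes the dependency on that behaviour: `nodepool_user_home_mode: "0755"`. Separately, 0755 lets every local account list and traverse the service account's home; if that directory ends up holding keys or cloud credentials, a tighter default such as `"0750"` is worth considering.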
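Review bot: The added "Set permissions on home directory" task in tasks/pre.yaml passes only `path` and `mode` to `file`, so it enforces neither the path's type nor its ownership. On a host where `nodepool_user_home` already exists with a different owner, or is not a directory, the task would presumably apply the mode and leave the rest as found, while molecule/tests/test_role.py asserts directory, user and group as well. Adding `state: directory`, `owner: "{{ nodepool_user_name }}"` and `group: "{{ nodepool_user_group }}"` would make the task converge on everything the test checks.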