diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
new file mode 100644
index 0000000..33b188d
--- /dev/null
+++ b/.github/workflows/publish.yaml
@@ -0,0 +1,27 @@
+---
+name: Deploy collection to galaxy
+on:
+  release:
+    types:
+      - released
+
+jobs:
+  publish:
+    name: Publish to Galaxy
+    runs-on: ubuntu-latest
+    steps:
+      - uses: checkout@v4
+        with:
+          ref: ${{ github.ref }}
+
+      - name: Build collection
+        run: ansible-galaxy collection build
+
+      - name: Get expected version string
+        shell: VERSION=$(echo ${{ github.ref_name }} | sed -e 's/v\(.*\)/\1/'
+
+      - name: Publish to Galaxy
+        run: |
+          ansible-galaxy collection publish \
+          tofugarden-secureboot-$VERSION.tar.gz \
+          --token ${{ secrets.GALAXY_API_KEY }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..fb35c66
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,37 @@
+---
+name: Release
+on:
+  push:
+    tags:
+      - v*
+
+    tags-ignore:
+      - "*-alpha"
+      - "*-beta"
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install antibull-changelog
+        run: pip install ansibull-changelog
+
+      - name: Generate changelog
+        run: ansibull-changelog release
+
+      - name: Build collection tarball
+        run: ansible-galaxy collection build
+
+      - name: Get version string
+        shell: echo "VERSION=${GITHUB_REF_NAME:1}" >> "$GITHUB_ENV"
+
+      - uses: ncipollo/release-action@v1
+        with:
+          artifacts:
+            - crichez-secureboot-${{ env.VERSION }}.tar.gz
+          body_file: CHANGELOG.md
diff --git a/README.md b/README.md
index 46a86da..780e848 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# tofugarden.secureboot
+# crichez.secureboot
 
 This repository contains an Ansible roles to configure secure boot. 
 
diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml
new file mode 100644
index 0000000..a899c89
--- /dev/null
+++ b/changelogs/changelog.yaml
@@ -0,0 +1,10 @@
+---
+ancestor: null
+releases:
+  1.0.0:
+    objects:
+      role:
+        - description: UKI Configuration.
+          name: uki_config
+          namespace: null
+    release_date: '2024-08-02'
diff --git a/changelogs/config.yaml b/changelogs/config.yaml
new file mode 100644
index 0000000..8e58a07
--- /dev/null
+++ b/changelogs/config.yaml
@@ -0,0 +1,37 @@
+add_plugin_period: true
+changelog_filename_template: ../CHANGELOG.rst
+changelog_filename_version_depth: 0
+changelog_nice_yaml: true
+changelog_sort: alphanumerical
+changes_file: changelog.yaml
+changes_format: combined
+ignore_other_fragment_extensions: true
+keep_fragments: false
+mention_ancestor: true
+new_plugins_after_name: removed_features
+notesdir: fragments
+output_formats:
+  - md
+prelude_section_name: release_summary
+prelude_section_title: Release Summary
+sanitize_changelog: true
+sections:
+  - - major_changes
+    - Major Changes
+  - - minor_changes
+    - Minor Changes
+  - - breaking_changes
+    - Breaking Changes / Porting Guide
+  - - deprecated_features
+    - Deprecated Features
+  - - removed_features
+    - Removed Features (previously deprecated)
+  - - security_fixes
+    - Security Fixes
+  - - bugfixes
+    - Bugfixes
+  - - known_issues
+    - Known Issues
+title: Crichez.Secureboot
+trivial_section_name: trivial
+use_fqcn: true
diff --git a/galaxy.yaml b/galaxy.yaml
deleted file mode 100644
index efb4e7d..0000000
--- a/galaxy.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-namespace: tofugarden
-
-name: secureboot
-
-version: 0.0.1
-
-readme: README.md
-
-authors:
-  Christopher Palmer-Richez tofu.ansible@chorky.net @crichez
-
-description: A collection related to secure boot management.
-
-license:
-  - GPL-3.0-only
-
-tags:
-  - secureboot
-  - mok
-  - shim
-  - tpm
-  - uki
-
-dependencies:
-  community.crypto: "9.2.0 <10.0.0"
-  community.general: "2.21.1 <3.0.0"
-
-repository: https://github.com/crichez/tofugarden.secureboot.git
-
-documentation: https://github.com/crichez/tofugarden.secureboot
-
-issues: https://github.com/crichez/tofugarden.secureboot/issues
diff --git a/galaxy.yml b/galaxy.yml
new file mode 100644
index 0000000..548091b
--- /dev/null
+++ b/galaxy.yml
@@ -0,0 +1,25 @@
+---
+namespace: crichez
+name: secureboot
+version: 1.0.0
+readme: README.md
+authors:
+  - Christopher Palmer-Richez tofu.ansible@chorky.net @crichez
+description: A collection related to secure boot management.
+license:
+  - GPL-3.0-only
+tags:
+  - linux
+  - security
+  - tools
+  - secureboot
+  - mok
+  - shim
+  - tpm
+  - uki
+dependencies:
+  community.crypto: ">=2.21.0,<3.0.0"
+  community.general: ">=9.0.0,<10.0.0"
+repository: https://github.com/crichez/crichez.secureboot.git
+documentation: https://github.com/crichez/crichez.secureboot
+issues: https://github.com/crichez/crichez.secureboot/issues
diff --git a/meta/runtime.yml b/meta/runtime.yml
new file mode 100644
index 0000000..a764a08
--- /dev/null
+++ b/meta/runtime.yml
@@ -0,0 +1,2 @@
+---
+requires_ansible: ">=2.17.0"
diff --git a/roles/uki_config/meta/argument_specs.yaml b/roles/uki_config/meta/argument_specs.yaml
index 7226519..611b439 100644
--- a/roles/uki_config/meta/argument_specs.yaml
+++ b/roles/uki_config/meta/argument_specs.yaml
@@ -1,8 +1,9 @@
+---
 argument_specs:
   main:
     short_description: UKI Configuration
     description: Configure kernel-install to build and sign UKIs
-    version_added: "0.0.1"
+    version_added: "1.0.0"
     author: "Christopher Palmer-Richez (tofugarden)"
     options:
       uki_config_initrd_generator: