Hi, I’m a Fedora package maintainer with an SRE background. As an SRE, I believe that the current common practice of building kernel modules from source on the system where they will be used is inherently unreliable, and we can do better.
I’ve built a workflow that automatically rebuilds kernel module packages when Fedora’s maintainers submit a new kernel package for testing. The build process operates in a secure AWS VPC, and uses KMS to sign modules and packages with keys that can’t be exfiltrated.
There are rough spots for third party kernel module packages, but I think I’m at a point were I can start inviting users to help by testing the packages and reporting any problems. The first module I’m building is NVIDIA’s open kernel module, but other modules may be offered in the future.
Documentation for the installation process is here: https://project-resistor.codeberg.page/2026/07/05/installing-nvidia-kernel-module.html
And interested users can subscribe to this “issue” and provide feedback: https://codeberg.org/project-resistor-kernel/nvidia-open-kmod/issues/1