diff --git a/.github/workflows/android-build.yml b/.github/workflows/android-build.yml
index 43a86679..936cead4 100644
--- a/.github/workflows/android-build.yml
+++ b/.github/workflows/android-build.yml
@@ -26,6 +26,9 @@ jobs:
       - name: Setup Gradle
         uses: gradle/gradle-build-action@v2
 
+      - name: Generating one-time APK signature key
+        run: keytool -genkey -v -keystore keystore.jks -alias Nostros -keyalg RSA -keysize 2048 -validity 10000 -storepass ${{ secrets.KEY_STORE_PASS }} -keypass ${{ secrets.KEY_PASS }} -dname "cn=Nostros, ou=Actions, o=Nostros, c=GitHub"
+
       - name: 'Build Android Release'
         run: |
           cd android
diff --git a/android/app/build.gradle b/android/app/build.gradle
index ca0bb591..7ef2699e 100644
--- a/android/app/build.gradle
+++ b/android/app/build.gradle
@@ -126,6 +126,22 @@ android {
             keyAlias 'androiddebugkey'
             keyPassword 'android'
         }
+
+        release {
+            // We can leave these in environment variables
+            storeFile file('../../keystore.jks')
+            keyAlias System.getenv("KEY_ALIAS")
+
+            // These two lines make gradle believe that the signingConfigs
+            // section is complete. Without them, tasks like installRelease
+            // will not be available!
+            storePassword System.getenv("KEY_STORE_PASS")
+            keyPassword System.getenv("KEY_PASS")
+
+            enableV1Signing true
+            enableV2Signing true
+            enableV3Signing true
+        }
     }
     buildTypes {
         debug {