diff --git a/MAINTAINERS.md b/MAINTAINERS.md
index 9e472ec14..9be6901e9 100644
--- a/MAINTAINERS.md
+++ b/MAINTAINERS.md
@@ -191,7 +191,9 @@ release type that you specify, like devel, rc1, rc, major, major-post, etc.
 Run the script with `--help` to see all options.
 
 Notes:
-- You need access to master.gnome.org, see [here](https://handbook.gnome.org/infrastructure/accounts.html).
+- You need a private token from gitlab.freedesktop.org with 'api' level access
+  to the project. It can be saved to `~/.config/nm-release-token` or passed to
+  the `--gitlab-token` argument of `release.sh`.
 - The GPG key used to sign the tags must be exported to a keyserver.
 
 Versioning scheme, automatically handled by the script (version numbers are
@@ -203,7 +205,7 @@ called MAJOR.MINOR.MICRO):
   number less, and MICRO is >= 90).
 
 The main differences between the different kind of releases are:
-- Development releases: for depelopment and testing purposes only.
+- Development releases: for development and testing purposes only.
 - Release candidates (RC): stabilization phase before a stable release. Normally
   there are one or two RCs with ~2 weeks cadence. More RCs can be releases if
   they are needed.
diff --git a/contrib/fedora/rpm/release.sh b/contrib/fedora/rpm/release.sh
index a9e452a6a..7deb3bc16 100755
--- a/contrib/fedora/rpm/release.sh
+++ b/contrib/fedora/rpm/release.sh
@@ -27,7 +27,8 @@
 #   * Run in a "clean" environment, i.e. no unusual environment variables set, on a recent
 #     Fedora, with suitable dependencies installed.
 #
-#   * First, ensure that you have ssh keys for "master.gnome.org" installed (and ssh-agent running).
+#   * First, ensure that you have a valid Gitlab's private token for gitlab.freedestkop.org
+#     stored in ~/.config/nm-release-token, or pass one with --gitlab-token argument.
 #     Also, ensure you have a GPG key that you want to use for signing. Also, have gpg-agent running
 #     and possibly configure `git config --get user.signingkey` for the proper key.
 #
@@ -39,9 +40,13 @@
 #
 # Run with --no-test to do the actual release.
 
-die() {
+fail_msg() {
     echo -n "FAIL: "
     echo_color 31 "$@"
+}
+
+die() {
+    fail_msg "$@"
     exit 1
 }
 
@@ -63,6 +68,7 @@ print_usage() {
     echo "     [--no-check-gitlab] \\"
     echo "     [--no-check-news] \\"
     echo "     [--no-warn-publish-docs] \\"
+    echo "     [--gitlab-token <private_gitlab_token>] \\"
 }
 
 die_help() {
@@ -235,6 +241,11 @@ while [ "$#" -ge 1 ]; do
         --help|-h)
             die_help
             ;;
+        --gitlab-token)
+            [ "$#" -ge 1 ] || die_usage "provide a value for --gitlab-token"
+            GITLAB_TOKEN="$1"
+            shift
+            ;;
         devel|rc1|rc|major|major-post|minor)
             [ -z "$RELEASE_MODE" ] || die_usage "duplicate release-mode"
             RELEASE_MODE="$A"
@@ -501,27 +512,23 @@ case "$RELEASE_MODE" in
 esac
 
 build_tag() {
+    local BUILD_TAG="$1"
+    local TAR_FILE="NetworkManager-$2.tar.xz"
+    local SUM_FILE="$TAR_FILE.sha256sum"
+
     git checkout "$BUILD_TAG" || die "failed to checkout $BUILD_TAG"
-
     ./contrib/fedora/rpm/build_clean.sh -r || die "build release failed"
-
-    test -f "./build/meson-dist/$RELEASE_FILE" \
-    || die "release file \"./build/meson-dist/$RELEASE_FILE\" not found"
-
-    cp "./build/meson-dist/$RELEASE_FILE" /tmp/ || die "failed to copy release tarball to /tmp"
-
-    if test -f "./build/meson-dist/$RELEASE_FILE.sig" ; then
-        cp "./build/meson-dist/$RELEASE_FILE.sig" /tmp/ || die "failed to copy signature for tarball to /tmp"
-    fi
-
+    cp "./build/meson-dist/$TAR_FILE" /tmp/ || die "failed to copy $TAR_FILE to /tmp"
+    cp "./build/meson-dist/$SUM_FILE" /tmp/ || die "failed to copy $SUM_FILE to /tmp"
     git clean -fdx
 }
 
-RELEASE_FILES=()
+RELEASE_TAR_VERSIONS=()
+RELEASE_TAGS=()
 if [ -n "$BUILD_TAG" ]; then
-    RELEASE_FILE="NetworkManager-$TAR_VERSION.tar.xz"
-    RELEASE_FILES+=("$RELEASE_FILE")
-    build_tag
+    build_tag "$BUILD_TAG" "$TAR_VERSION"
+    RELEASE_TAR_VERSIONS+=("$TAR_VERSION")
+    RELEASE_TAGS+=("$BUILD_TAG")
 fi
 git checkout -B "$CUR_BRANCH" "$TMP_BRANCH" || die "cannot checkout $CUR_BRANCH"
 
@@ -531,9 +538,6 @@ if [ "$RELEASE_MODE" = rc1 ]; then
     git branch "$RELEASE_BRANCH" "$TMP_BRANCH" || die "cannot checkout $CUR_BRANCH"
     BRANCHES+=( "$RELEASE_BRANCH" )
     CLEANUP_REFS+=( "refs/heads/$RELEASE_BRANCH" )
-fi
-
-if [ "$RELEASE_MODE" = rc1 ]; then
     git checkout "$TMP_BRANCH"
     b="${VERSION_ARR[0]}.$((${VERSION_ARR[1]} + 2)).0"
     set_version_number "${VERSION_ARR[0]}" "$((${VERSION_ARR[1]} + 2))" 0
@@ -543,29 +547,86 @@ if [ "$RELEASE_MODE" = rc1 ]; then
     CLEANUP_REFS+=("refs/tags/$b-dev")
     BUILD_TAG="$b-dev"
     TAR_VERSION="$b"
-    RELEASE_FILE="NetworkManager-$TAR_VERSION.tar.xz"
-    RELEASE_FILES+=("$RELEASE_FILE")
-    build_tag
+    build_tag "$BUILD_TAG" "$TAR_VERSION"
+    RELEASE_TAR_VERSIONS+=("$TAR_VERSION")
+    RELEASE_TAGS+=("$BUILD_TAG")
     git checkout -B "$CUR_BRANCH" "$TMP_BRANCH" || die "cannot checkout $CUR_BRANCH"
 fi
 
-if ! [ "$DRY_RUN" = 0 ]; then
-    ssh master.gnome.org true || die "failed to \`ssh master.gnome.org\`"
+if [[ $GITLAB_TOKEN == "" ]]; then
+    [[ -r ~/.config/nm-release-token ]] || die "cannot read ~/.config/nm-release-token"
+    GITLAB_TOKEN=$(< ~/.config/nm-release-token)
 fi
 
-for r in "${RELEASE_FILES[@]}"; do
-    do_command rsync -va --append-verify -P "/tmp/$r" master.gnome.org: || die "failed to rsync \"/tmp/$r\""
-done
+# This step is not necessary for authentication, we use it only to provide a meaningful error message.
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+    "https://gitlab.freedesktop.org/api/v4/personal_access_tokens/self" &>/dev/null \
+    || die "failed to authenticate at gitlab.freedesktop.org with the private token"
 
 do_command git push "$ORIGIN" "${BRANCHES[@]}" || die "failed to to push branches ${BRANCHES[@]} to $ORIGIN"
 
-FAIL=0
-for r in "${RELEASE_FILES[@]}"; do
-    do_command ssh master.gnome.org ftpadmin install --unattended "$r" || FAIL=1
+CREATE_RELEASE_FAIL=0
+for I in "${!RELEASE_TAR_VERSIONS[@]}"; do
+    TAR_FILE="NetworkManager-${RELEASE_TAR_VERSIONS[$I]}.tar.xz"
+    SUM_FILE="$TAR_FILE.sha256sum"
+    BUILD_TAG="${RELEASE_TAGS["$I"]}"
+    FAIL=0
+
+    # upload tarball and checksum file as generic packages
+    for F in "$TAR_FILE" "$SUM_FILE"; do
+        do_command curl --location --fail-with-body --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+            --upload-file "/tmp/$F" \
+            "https://gitlab.freedesktop.org/api/v4/projects/411/packages/generic/NetworkManager/$BUILD_TAG/$F" \
+            || FAIL=1
+
+        if [[ $FAIL = 1 ]]; then
+            fail_msg "failed to upload $F"
+            CREATE_RELEASE_FAIL=1
+            break
+        fi
+    done
+
+    [[ $FAIL = 1 ]] && continue
+
+    # create release
+    do_command curl --location  --header 'Content-Type: application/json' --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+         --request POST "https://gitlab.freedesktop.org/api/v4/projects/411/releases" \
+         --data "$(cat <<END
+            {
+                "name": "NetworkManager $BUILD_TAG",
+                "tag_name": "$BUILD_TAG", 
+                "assets": {
+                    "links": [
+                        {
+                            "name": "NetworkManager $BUILD_TAG tarball with docs",
+                            "url": "https://gitlab.freedesktop.org/api/v4/projects/411/packages/generic/NetworkManager/$BUILD_TAG/$TAR_FILE",
+                            "direct_asset_path": "/$TAR_FILE",
+                            "link_type":"package"
+                        },
+                        {
+                            "name": "NetworkManager $BUILD_TAG tarball sha256sum",
+                            "url": "https://gitlab.freedesktop.org/api/v4/projects/411/packages/generic/NetworkManager/$BUILD_TAG/$SUM_FILE",
+                            "direct_asset_path": "/$SUM_FILE",
+                            "link_type":"package"
+                        },
+                        {
+                            "name": "NEWS",
+                            "url": "https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/$BUILD_TAG/NEWS?ref_type=tags",
+                            "direct_asset_path": "/NEWS",
+                            "link_type":"other"
+                        }
+                    ]
+                }
+            }
+END
+            )" || FAIL=1
+
+    if [[ $? != 0 ]]; then
+        fail_msg "failed to create NetworkManager $BUILD_TAG release"
+        CREATE_RELEASE_FAIL=1
+        continue
+    fi
 done
-if [ "$FAIL" = 1 ]; then
-    die "ftpadmin install failed. This was the last step. Invoke the command manually"
-fi
 
 CLEANUP_CHECKOUT_BRANCH=
 if [ "$DRY_RUN" = 0 ]; then
@@ -576,3 +637,7 @@ else
     git checkout -B "$CUR_BRANCH" "$CUR_HEAD" || die "cannot reset $CUR_BRANCH to $CUR_HEAD"
     echo "delete reference. Restore with $(echo_color 36 -n git checkout -B "\"$CUR_BRANCH\"" "$H")"
 fi
+
+if [[ $CREATE_RELEASE_FAIL == 1 ]]; then
+    die "failed creating the release at gitlab.freedesktop.org. This was the last step, create it manually from the web UI"
+fi
\ No newline at end of file