diff --git a/REFERENCE.md b/REFERENCE.md index 7cd85e7..24dd6c3 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -93,6 +93,7 @@ The following parameters are available in the `gitlab_ci_runner` class: * [`config_dir_mode`](#-gitlab_ci_runner--config_dir_mode) * [`http_proxy`](#-gitlab_ci_runner--http_proxy) * [`ca_file`](#-gitlab_ci_runner--ca_file) +* [`repo_keysource`](#-gitlab_ci_runner--repo_keysource) ##### `runners` @@ -298,6 +299,14 @@ The ca_file must exist. If it doesn't, Gitlab runner token generation will be sk Default value: `undef` +##### `repo_keysource` + +Data type: `Stdlib::HTTPSUrl` + +URL to the gpg file used to sign the apt packages + +Default value: `"${repo_base_url}/gpg.key"` + ## Defined types ### `gitlab_ci_runner::runner` diff --git a/manifests/init.pp b/manifests/init.pp index c91a0f4..b77c2ef 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -73,6 +73,7 @@ # `certificate verify failed (self signed certificate in certificate chain)` # Using the CA file solves https://github.com/voxpupuli/puppet-gitlab_ci_runner/issues/124. # The ca_file must exist. If it doesn't, Gitlab runner token generation will be skipped. Gitlab runner will not register until either the file exists or the ca_file parameter is not specified. +# @param repo_keysource URL to the gpg file used to sign the apt packages # class gitlab_ci_runner ( String $xz_package_name, # Defaults in module hieradata @@ -99,6 +100,7 @@ Optional[Stdlib::Filemode] $config_dir_mode = undef, Optional[Stdlib::HTTPUrl] $http_proxy = undef, Optional[Stdlib::Unixpath] $ca_file = undef, + Stdlib::HTTPSUrl $repo_keysource = "${repo_base_url}/gpg.key", ) { if $manage_docker { # workaround for cirunner issue #1617 diff --git a/manifests/repo.pp b/manifests/repo.pp index 6ac58bd..72cb086 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp 
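Review bot: The new `@param repo_keysource` line in the `@@ -73,6 +73,7 @@` hunk of manifests/init.pp describes the value as the file "used to sign the apt packages", but the URL points at the public key used to verify the repository. manifests/repo.pp in this same commit also passes it to the yum `gpgkey` setting, so it is not apt-only. I would word it as `# @param repo_keysource HTTPS URL of the GPG public key used to verify the package repository (apt key source and yum gpgkey)`. REFERENCE.md carries the same sentence and, if it is generated from this comment, would pick up the correction on regeneration.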
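Review bot: The default `"${repo_base_url}/gpg.key"` in the `@@ -99,6 +100,7 @@` hunk of manifests/init.pp is validated as `Stdlib::HTTPSUrl`, so whether it passes depends on `$repo_base_url`, whose declared type is outside this hunk. If that parameter accepts plain `http://` values (an internal mirror, for instance), such a setup would now fail type validation until `repo_keysource` is set explicitly. Requiring HTTPS for the key download is the right constraint, so I would keep the type and state the coupling in the parameter documentation, e.g. `# Defaults to "${repo_base_url}/gpg.key", so repo_base_url must be an https URL unless repo_keysource is set explicitly.` The class parameter list and body continue outside the hunk.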
@@ -5,6 +5,7 @@ class gitlab_ci_runner::repo ( $repo_base_url = $gitlab_ci_runner::repo_base_url, $repo_keyserver = $gitlab_ci_runner::repo_keyserver, + $repo_keysource = $gitlab_ci_runner::repo_keysource, $package_name = $gitlab_ci_runner::package_name, ) { assert_private() @@ -16,6 +17,7 @@ repos => 'main', key => { 'id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', + 'source' => $repo_keysource, 'server' => $repo_keyserver, }, include => { @@ -46,7 +48,7 @@ descr => "runner_${package_name}", enabled => '1', gpgcheck => '0', - gpgkey => "${repo_base_url}/gpg.key", + gpgkey => $repo_keysource, repo_gpgcheck => '1', sslcacert => '/etc/pki/tls/certs/ca-bundle.crt', sslverify => '1', @@ -58,7 +60,7 @@ descr => "runner_${package_name}-source", enabled => '1', gpgcheck => '0', - gpgkey => "${repo_base_url}/gpg.key", + gpgkey => $repo_keysource, repo_gpgcheck => '1', sslcacert => '/etc/pki/tls/certs/ca-bundle.crt', sslverify => '1', diff --git a/spec/classes/gitlab_ci_runner_spec.rb b/spec/classes/gitlab_ci_runner_spec.rb index 22679cd..1427b77 100644 --- a/spec/classes/gitlab_ci_runner_spec.rb +++ b/spec/classes/gitlab_ci_runner_spec.rb @@ -360,7 +360,8 @@ repos: 'main', key: { 'id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', - 'server' => undef_value + 'server' => undef_value, + 'source' => 'https://packages.gitlab.com/gpg.key', }, include: { 'src' => false, @@ -425,7 +426,7 @@ it { is_expected.to contain_class('gitlab_ci_runner::repo') } it do - is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'keys.gnupg.net') + is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'keys.gnupg.net', 'source' => 'https://packages.gitlab.com/gpg.key') end end 
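Review bot: `$repo_keysource` in the `@@ -5,6 +5,7 @@` hunk of manifests/repo.pp is declared without a data type, so the `Stdlib::HTTPSUrl` check from init.pp only holds when the value arrives through the default. `assert_private()` restricts who may declare the class, but as far as I know it does not stop Hiera data binding from supplying `gitlab_ci_runner::repo::repo_keysource` directly, which would bypass the HTTPS requirement. Typing it here closes that gap: `Stdlib::HTTPSUrl $repo_keysource = $gitlab_ci_runner::repo_keysource,`. The sibling parameters are untyped as well, so this would be a deliberate exception for the one value that acts as a trust anchor. The class body continues outside the hunk.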
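Review bot: The apt key hash in the `@@ -16,6 +17,7 @@` hunk now always carries both `'source'` and `'server'`, because `repo_keysource` has a non-optional default. As far as I know puppetlabs-apt fetches from `source` when it is set and does not consult the keyserver, which would turn `repo_keyserver` into a silent no-op for existing users. That is worth confirming against the apt module version the module depends on and stating in the `repo_keyserver` parameter docs. A hedged comment above the hash would help the next reader, e.g. `# With 'source' set the keyserver is presumably not consulted; 'id' stays as the expected fingerprint`. The resource declaration starts and ends outside the hunk.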
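Review bot: On the yum side (`@@ -46,7 +48,7 @@`, and identically in `@@ -58,7 +60,7 @@`) the `gpgkey` URL is the only trust anchor visible for the repository. There is no fingerprint pin like the apt `'id'`, and the surrounding context keeps `gpgcheck => '0'` with `repo_gpgcheck => '1'`, so only repository metadata is verified, against whatever key this URL serves. Now that the URL is independently configurable, that deserves a comment next to both assignments, e.g. `# Trust anchor for repo_gpgcheck; no fingerprint is pinned on yum, so keep this an HTTPS URL on a trusted host`. Both resource declarations begin and end outside their hunks.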
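Review bot: The updated expectations in the `@@ -360,7 +360,8 @@` hunk of spec/classes/gitlab_ci_runner_spec.rb and in the three `with_key` hunks that follow only assert the default `'source' => 'https://packages.gitlab.com/gpg.key'`; none of the visible specs sets `repo_keysource`. A context that passes a custom HTTPS URL and checks the apt key `source` would show the parameter is actually wired through; it should also check the yum `gpgkey`, if that is not covered elsewhere in the file. A second context passing an `http://` URL with `it { is_expected.to compile.and_raise_error(%r{repo_keysource}) }` would lock in the HTTPS requirement. The enclosing contexts start outside these hunks.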
@@ -442,7 +443,7 @@ it { is_expected.to contain_class('gitlab_ci_runner::repo') } it do - is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'hkp://keys.gnupg.net:80') + is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'hkp://keys.gnupg.net:80', 'source' => 'https://packages.gitlab.com/gpg.key') end end @@ -458,7 +459,7 @@ it { is_expected.to contain_class('gitlab_ci_runner::repo') } it do - is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'https://keys.gnupg.net:88') + is_expected.to contain_apt__source('apt_gitlabci').with_key('id' => 'F6403F6544A38863DAA0B6E03F01618A51312F3F', 'server' => 'https://keys.gnupg.net:88', 'source' => 'https://packages.gitlab.com/gpg.key') end end end