diff --git a/custodia-0.6.0.tar.gz b/custodia-0.6.0.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..d8ebfcaf46429bb43faf8d4323b5bfef06e8b514
Binary files /dev/null and b/custodia-0.6.0.tar.gz differ
diff --git a/custodia.conf b/custodia.conf
new file mode 100644
index 0000000000000000000000000000000000000000..5e4b584ebd4a31a7c1452fb7d11b663b747c0ef0
--- /dev/null
+++ b/custodia.conf
@@ -0,0 +1,32 @@
+# /etc/custodia/custodia.conf
+[global]
+debug = true
+makedirs = true
+
+[store:sqlite]
+handler = SqliteStore
+dburi = ${libdir}/secrets.db
+table = secrets
+
+[store:encrypted_sqlite]
+handler = EncryptedOverlay
+backing_store = sqlite
+master_key = ${libdir}/secrets.key
+master_enctype = A128CBC-HS256
+autogen_master_key = true
+
+[auth:creds]
+handler = SimpleCredsAuth
+uid = root
+gid = root
+
+[authz:paths]
+handler = SimplePathAuthz
+paths = /. /secrets
+
+[/]
+handler = Root
+
+[/secrets]
+handler = Secrets
+store = encrypted_sqlite
diff --git a/custodia.spec b/custodia.spec
new file mode 100644
index 0000000000000000000000000000000000000000..c7474bb85a77fa9adf04dae63273b91f734d26d4
--- /dev/null
+++ b/custodia.spec
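Review bot: `debug = true` under `[global]` ships verbose logging as the packaged default for a daemon whose whole job is handling secrets; an operator should opt into that per instance, so the file installed into /etc should carry `debug = false` and leave the example under docdir to show the switch. The first-line comment names `/etc/custodia/custodia.conf`, while the service unit in this commit loads `/etc/custodia/%i.conf`, so this file only serves the instance literally named `custodia`; a comment such as `# loaded by custodia@custodia.service; copy to <name>.conf for further instances` would spare operators that guess. The `[auth:creds]` section admits only uid/gid root, which presumably is what makes the world-connectable socket acceptable — worth stating in a comment here as well, since this is the only access gate.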
@@ -0,0 +1,132 @@
+Name: custodia
+Version: 0.6.0
+Release: 5
+Summary: A tool for managing secrets other processes
+License: GPLv3+
+URL: https://github.com/latchset/%{name}
+Source0: https://github.com/latchset/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
+Source2: custodia.conf
+Source3: custodia@.service
+Source4: custodia@.socket
+Source5: custodia.tmpfiles.conf
+BuildArch: noarch
+
+BuildRequires: systemd python3-devel python3-jwcrypto >= 0.4.2
+BuildRequires: python3-requests python3-setuptools > 18 python3-coverage
+BuildRequires: python3-pytest python3-docutils python3-systemd
+
+Requires: python3-custodia = %{version}-%{release}
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+Requires(post): systemd-units
+
+%description
+A tool for managing secrets other processes
+
+Custodia is a project that aims to define an API for modern cloud applications
+that allows to easily store and share password,tokens,certificates and any
+other secret in a way that keeps data secure, manageable and auditable.
+
+Custodia is modular, the configuration file controls how authentication,
+authorization, storage and API plugins are combined and exposed.
+
+%package -n python3-custodia
+Summary: Sub-package with python3 custodia modules
+%{?python_provide:%python_provide python3-%{name}}
+Requires: python3-jwcrypto >= 0.4.2 python3-requests python3-setuptools python3-systemd
+Conflicts: python3-custodia-extra < %{version}
+
+%description -n python3-custodia
+Sub-package with python custodia modules
+
+Custodia is a project that aims to define an API for modern cloud applications
+that allows to easily store and share password,tokens,certificates and any
+other secret in a way that keeps data secure, manageable and auditable.
+
+Custodia is modular, the configuration file controls how authentication,
+authorization, storage and API plugins are combined and exposed.
+
+%prep
+%autosetup -p1
+
+%build
+%py3_build
+
+%check
+export PIP_INDEX_URL=http://host.invalid./
+export PIP_NO_DEPS=yes
+export PIP_IGNORE_INSTALLED=yes
+
+%{__python3} -m venv --system-site-packages testenv
+testenv/bin/pip install .
+testenv/bin/python -m pytest --capture=no --strict --skip-servertests
+
+%install
+install -d %{buildroot}/%{_sbindir}
+install -d %{buildroot}/%{_mandir}/man7
+install -d %{buildroot}/%{_defaultdocdir}/custodia
+install -d %{buildroot}/%{_defaultdocdir}/custodia/examples
+install -d %{buildroot}/%{_sysconfdir}/custodia
+install -d %{buildroot}/%{_unitdir}
+install -d %{buildroot}/%{_tmpfilesdir}
+install -d %{buildroot}/%{_localstatedir}/lib/custodia
+install -d %{buildroot}/%{_localstatedir}/log/custodia
+install -d %{buildroot}/%{_localstatedir}/run/custodia
+
+%py3_install
+mv %{buildroot}/%{_bindir}/custodia %{buildroot}/%{_sbindir}/custodia
+cp %{buildroot}/%{_sbindir}/custodia %{buildroot}/%{_sbindir}/custodia-3
+cp %{buildroot}/%{_bindir}/custodia-cli %{buildroot}/%{_bindir}/custodia-cli-3
+
+install -m 644 -t "%{buildroot}/%{_mandir}/man7" man/custodia.7
+install -m 644 -t "%{buildroot}/%{_defaultdocdir}/custodia" README API.md
+install -m 644 -t "%{buildroot}/%{_defaultdocdir}/custodia/examples" custodia.conf
+install -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/custodia
+install -m 644 %{SOURCE3} %{SOURCE4} %{buildroot}%{_unitdir}
+install -m 644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/custodia.conf
+
+%pre
+getent group custodia >/dev/null || groupadd -r custodia
+getent passwd custodia >/dev/null || \
+ useradd -r -g custodia -d / -s /sbin/nologin \
+ -c "User for custodia" custodia
+exit 0
+
+%post
+%systemd_post custodia@\*.socket
+%systemd_post custodia@\*.service
+
+%preun
+%systemd_preun custodia@\*.socket
+%systemd_preun custodia@\*.service
+
+%postun
+%systemd_postun custodia@\*.socket
+%systemd_postun custodia@\*.service
+
+%files
+%doc README API.md LICENSE
+%doc %{_defaultdocdir}/custodia/examples/custodia.conf
+%{_mandir}/man7/custodia*
+%{_sbindir}/custodia
+%{_bindir}/custodia-cli
+%dir %attr(0700,custodia,custodia) %{_sysconfdir}/custodia
+%dir %attr(0700,custodia,custodia) %{_localstatedir}/lib/custodia
+%dir %attr(0700,custodia,custodia) %{_localstatedir}/log/custodia
+%dir %attr(0755,custodia,custodia) %{_localstatedir}/run/custodia
+%config(noreplace) %attr(600,custodia,custodia) %{_sysconfdir}/custodia/custodia.conf
+%attr(644,root,root) %{_unitdir}/custodia@.socket
+%attr(644,root,root) %{_unitdir}/custodia@.service
+%{_tmpfilesdir}/custodia.conf
+
+%files -n python3-custodia
+%doc LICENSE
+%{_sbindir}/custodia-3
+%{_bindir}/custodia-cli-3
+%{python3_sitelib}/%{name}
+%{python3_sitelib}/%{name}-%{version}-py%{python3_version}.egg-info
+%{python3_sitelib}/%{name}-%{version}-py%{python3_version}-nspkg.pth
+
+%changelog
+* Fri May 15 2020 Captain Wei 0.6.0-5
+- Package init
diff --git a/custodia.tmpfiles.conf b/custodia.tmpfiles.conf
new file mode 100644
index 0000000000000000000000000000000000000000..cacc03914f438b16b978b2939ebccba1827fbb97
--- /dev/null
+++ b/custodia.tmpfiles.conf
@@ -0,0 +1 @@
+d /run/custodia 0755 custodia custodia
diff --git a/custodia.yaml b/custodia.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0b7398c7cec54ce693cfa77305520867fb177234
--- /dev/null
+++ b/custodia.yaml
@@ -0,0 +1,4 @@
+version_control: github
+src_repo: latchset/custodia
+tag_prefix: ^
+seperator: .
diff --git a/custodia@.service b/custodia@.service
new file mode 100644
index 0000000000000000000000000000000000000000..ef539f95193958a830d66b97261ad795d1876188
--- /dev/null
+++ b/custodia@.service
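Review bot: The `%files` entry `%dir %attr(0755,custodia,custodia) %{_localstatedir}/run/custodia` (and the matching `install -d` in `%install`) packages a directory under /run, which is volatile and is already created at boot by the tmpfiles rule this commit adds; the rpm-owned copy disappears on reboot and rpmlint flags it, so mark it `%ghost %dir %attr(0755,custodia,custodia) %{_localstatedir}/run/custodia` or drop it and rely on the tmpfiles entry alone. The mode in `%attr(600,custodia,custodia)` and the two `%attr(644,root,root)` lines are written without the leading zero that the `%dir` entries above use; rpm accepts both, but `0600`/`0644` keeps the section uniform. In `%pre`, `useradd -r -g custodia -d / -s /sbin/nologin` is the right shape for a service account; a one-line comment noting that the account must exist before `%post` enables the socket (hence the `Requires(post)` ordering) would help the next packager.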
@@ -0,0 +1,21 @@
+# /etc/systemd/system/custodia@.service
+
+[Unit]
+Description=Custodia Secrets Service for %I
+Documentation=https://github.com/latchset/custodia
+Requires=custodia@%i.socket
+After=network.target
+
+[Service]
+Type=notify
+ExecStart=/usr/sbin/custodia --instance=%i /etc/custodia/%i.conf
+User=custodia
+Group=custodia
+ProtectSystem=full
+ProtectHome=true
+NoNewPrivileges=true
+Restart=on-failure
+RestartSec=30s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/custodia@.socket b/custodia@.socket
new file mode 100644
index 0000000000000000000000000000000000000000..fbd0fabcb4d06d554314cdf7e89e43fc8c7dd13f
--- /dev/null
+++ b/custodia@.socket
@@ -0,0 +1,18 @@
+# /etc/systemd/system/custodia@.socket
+
+[Unit]
+Description=Custodia Socket for %i
+Documentation=https://github.com/latchset/custodia
+
+[Socket]
+ListenStream=/var/run/custodia/%i.sock
+Service=custodia@%i.service
+RemoveOnStop=true
+SocketUser=custodia
+SocketGroup=custodia
+SocketMode=0666
+PassCredentials=true
+PassSecurity=true
+
+[Install]
+WantedBy=sockets.target
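Review bot: The `[Service]` hardening stops at `ProtectSystem=full`, `ProtectHome=true` and `NoNewPrivileges=true`, yet the spec in this commit gives the daemon only /var/lib/custodia, /var/log/custodia and /run/custodia as writable locations, so the unit could go to `ProtectSystem=strict` with `ReadWritePaths=/var/lib/custodia /var/log/custodia /run/custodia` and add `PrivateTmp=true` and `PrivateDevices=true` without changing what the service can do — confirm first that custodia's `--instance` libdir/logdir resolve inside those paths. The unit also reads its config from `/etc/custodia/%i.conf` while the package only ships `custodia.conf`, so a comment above `ExecStart=` such as `# one instance per /etc/custodia/<name>.conf; the packaged file serves custodia@custodia` would make the instance naming explicit. `Type=notify` depends on the sd_notify binding, which the python3-systemd requirement in the spec appears to cover; a comment stating that dependency here keeps the unit and the spec from drifting apart.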
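Review bot: `SocketMode=0666` combined with the 0755 runtime directory from the tmpfiles rule makes the socket connectable by every local user, so the `[auth:creds]` section of the config (uid/gid root in the shipped custodia.conf, enforced through the peer credentials that `PassCredentials=true` exposes) is the only access gate; that appears to be the intended design, but it should be written down so a later edit does not tighten the mode or loosen the auth section without seeing the coupling. Suggest `# World-connectable on purpose: access is enforced by the auth:creds section of the instance config via SO_PASSCRED` directly above `SocketMode=0666`. `ListenStream=/var/run/custodia/%i.sock` uses the legacy /var/run prefix while the tmpfiles rule and the spec name /run/custodia; they resolve to the same directory on systemd hosts, but `ListenStream=/run/custodia/%i.sock` keeps the three files consistent.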