In this article we create a key to sign our packages.
We follow this article to create the key.
https://www.arcolinuxiso.com/create-a-key-to-sign-your-packages/
Ensure you create a good personal and private keyword. Use lastpass or bitwarden or other password generators.
You will get a short key and a long key. Keep those numbers in a file for convenience.
Then we rebuild all our packages with our signature.
We also tell /etc/pacman.conf that we will be using signatures.
SigLevel = Required DatabaseOptional
We will be signing our database of Carli as well by changing the update_repo.sh.