diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
index f4c31c52..6803bc56 100644
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -804,9 +804,154 @@ jobs:
         git commit -m "Remove outdated Fedora ${FEDORA} blobs"
         git push --set-upstream origin "${update_branch}"
 
+  update-f41:
+    name: Update Fedora 41 repository
+    needs: [hold-staging]
+    runs-on: ubuntu-latest
+    container:
+      image: fedora:41
+      options: --security-opt seccomp=unconfined
+    env:
+      FEDORA: 41
+    steps:
+    - name: Update repository
+      run: |
+        repo="https://${GITHUB_ACTOR}:${TOKEN}@github.com/${GITHUB_REPOSITORY}.git"
+
+        path_root="${PWD}"
+        path_staging="${path_root}/staging"
+        path_current="${path_root}/current"
+        path_repo="${path_root}/repo"
+
+        # install dependencies for precheck
+        echo "==> Installing pre-check dependencies"
+        dnf distro-sync -y
+        dnf install -y git diffutils
+
+        # fetch 'staging' and 'current' branch
+        echo "==> Setting up repositories"
+        git clone -b "${BRANCH_CURRENT}" "${repo}" "${path_current}"
+        cp -a "${path_current}" "${path_staging}"
+        cd "${path_staging}"
+        git checkout "${BRANCH_HOLD}"
+        cd "${path_root}"
+
+        # check for changs, exit if there's nothing to do
+        echo "==> Checking for changes"
+        diff -arq "${path_staging}/fedora/f${FEDORA}" "${path_current}/fedora/f${FEDORA}" && exit 0
+        echo "==> Changes detected: continuing"
+
+        # set git identity
+        git config --global user.email "surfacebot@users.noreply.github.com"
+        git config --global user.name "surfacebot"
+
+        # install dependencies
+        echo "==> Installing dependencies"
+        dnf install -y createrepo_c git findutils wget
+
+        # clone repo branch
+        echo "==> Cloning package repository"
+        git clone -b "${BRANCH_REPO}" "${repo}" "${path_repo}"
+        mkdir -p "${path_repo}/fedora/f${FEDORA}"
+        cd "${path_repo}/fedora/f${FEDORA}"
+
+        # copy blob files
+        echo "==> Updating blobs"
+        mkdir -p "${path_staging}/fedora/f${FEDORA}/"
+        cp "${path_staging}/fedora/f${FEDORA}/"* . || :
+
+        # download blob files, ignore ones that are not present any more
+        echo "==> Downloading blobs"
+        for blob in $(find . -name '*.blob'); do
+          blobref="$(cat $blob)"
+          repo="${blobref%%:*}"
+          vers="${blobref#*:}"
+          wget "https://github.com/linux-surface/$repo/releases/download/$vers" || continue
+        done
+
+        # update repo
+        echo "==> Updating repo"
+        createrepo_c --xz --update --verbose .
+
+        # remove blob files without binary
+        for blob in $(find . -name '*.blob'); do
+          if [ ! -f "${blob%.blob}" ]; then
+            rm -f "${blob}"
+          fi
+        done
+
+        # sign repo
+        echo "==> Signing repo"
+        echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
+        if [ -f 'repodata/repomd.xml.asc' ]; then
+          rm repodata/repomd.xml.asc
+        fi
+        gpg --detach-sign --batch --no-tty --armor -u $GPG_KEY_ID repodata/repomd.xml
+
+        # commit changes
+        echo "==> Committing"
+        git checkout -b "tmp"
+        git add .   # Note: binary files are ignored in .gitignore
+        git commit -m "Update Fedora ${FEDORA} repository"
+
+        # push repo, rebase and retry if necessary
+        echo "==> Pushing"
+        num_tries=10
+        retry_sleep=30
+
+        tries=0
+        until [ $tries -ge ${num_tries} ]; do
+            echo "  - Starting attempt ${tries}/${num_tries}"
+
+            # checkout, reset, and update target branch
+            git checkout "${BRANCH_REPO}"
+            git reset --hard "origin/${BRANCH_REPO}"
+            git pull
+
+            # rebase and merge
+            git rebase "${BRANCH_REPO}" "tmp"
+            git checkout "${BRANCH_REPO}"
+            git merge "tmp"
+
+            # try to push, break on success
+            git push && break
+
+            echo "  - Failed to push changes"
+
+            tries=$((tries+1))
+            sleep ${retry_sleep}
+        done
+
+        if [ $tries -ge ${num_tries} ]; then
+            echo "==> Failed to update repository"
+            exit 1
+        fi
+
+        # find and remove outdated blobs and signatures (no binary data)
+        echo "==> Looking for outdated blobs"
+        cd "${path_staging}/fedora/f${FEDORA}"
+
+        for blob in $(find . -name '*.blob'); do
+          file="${blob%.blob}"
+          if [ ! -f "${path_repo}/fedora/f${FEDORA}/${file}" ]; then
+            rm -f "${blob}"
+          fi
+        done
+
+        # check if there are changes, if not we're done
+        git diff-index --quiet HEAD -- && exit 0
+        echo "==> Changes detected, stage updates"
+
+        # commit updates and push
+        update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
+        git checkout -b "${update_branch}"
+        git add .
+        git commit -m "Remove outdated Fedora ${FEDORA} blobs"
+        git push --set-upstream origin "${update_branch}"
+
   update-current:
     name: Update state
-    needs: [update-arch, update-arch-aarch64, update-debian, update-f39, update-f40]
+    needs: [update-arch, update-arch-aarch64, update-debian, update-f39, update-f40, update-f41]
     runs-on: ubuntu-latest
     steps:
     - name: Update current branch
diff --git a/fedora/f41/.gitkeep b/fedora/f41/.gitkeep
new file mode 100644
index 00000000..e69de29b