CHANGELOG.md

# Changelog

All notable changes to this project will be documented in this file.

## [Unreleased]

### Bug Fixes

- Fix certs path.
- Fix self signed certs.
- Fix su prosody.
- Fix su prosody (2).
- Fix su prosody (3).
- Fix su prosody (4).
- Fix symlinks.
- Fixed tls config..
- Fix TLS cert domain mismatch: VirtualHost now matches cert domain

VirtualHost changed from "guschin.info" to "xmpp.guschin.info" to match
the Let's Encrypt certificate. Moved certificates directive before
VirtualHost block. Removed misplaced default_realm and global ssl block.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

### Changes

- Initial commit
- Init.
- MySQL running on host.
- Network.
- Extra hosts.
- Change ip.
- Nginx.
- Certs in docker compose.
- Certs volume.
- Certs path.
- Nginx ssl.
- Lua-unbound.
- Certs volume.
- Delete self signed certs.
- Delete user prosody from entrypoing..
- Using existing certs..
- Remove obsolete version attribute from docker-compose.yml

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mount only xmpp cert dirs to fix letsencrypt permission errors

Mount specific live/ and archive/ subdirectories instead of all of
/etc/letsencrypt to avoid Prosody scanning root-only directories
(accounts/, archive/ for other domains). Also remove allow_registration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

### Features

- Enable s2s_require_encryption to match s2s_secure_auth

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add ca-certificates to fix s2s TLS verification

Without CA certs, Prosody cannot verify remote servers' certificates,
causing all server-to-server connections to fail with "not trusted".

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Enable mod_mam for persistent direct message archiving

Messages are stored indefinitely in MySQL.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add guschin.info VirtualHost alongside xmpp.guschin.info

Users can now register as name@guschin.info or name@xmpp.guschin.info.
Added Let's Encrypt cert mounting and install for guschin.info domain.
Refactored entrypoint cert install into reusable function.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add changelog service and release-new skill - cliff.toml: git-cliff config with semantic-style grouping (no conventional commits required) - CHANGELOG.md: initial changelog generated from full git history - .claude/commands/release-new.md: /release-new [major\|minor\|patch] skill that bumps version, updates changelog, commits, tags, and pushes Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-03-23 14:47:00 +03:00			`# Changelog`

			`All notable changes to this project will be documented in this file.`

			`## [Unreleased]`

			`### Bug Fixes`

			`- Fix certs path.`
			`- Fix self signed certs.`
			`- Fix su prosody.`
			`- Fix su prosody (2).`
			`- Fix su prosody (3).`
			`- Fix su prosody (4).`
			`- Fix symlinks.`
			`- Fixed tls config..`
			`- Fix TLS cert domain mismatch: VirtualHost now matches cert domain`

			`VirtualHost changed from "guschin.info" to "xmpp.guschin.info" to match`
			`the Let's Encrypt certificate. Moved certificates directive before`
			`VirtualHost block. Removed misplaced default_realm and global ssl block.`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`

			`### Changes`

			`- Initial commit`
			`- Init.`
			`- MySQL running on host.`
			`- Network.`
			`- Extra hosts.`
			`- Change ip.`
			`- Nginx.`
			`- Certs in docker compose.`
			`- Certs volume.`
			`- Certs path.`
			`- Nginx ssl.`
			`- Lua-unbound.`
			`- Certs volume.`
			`- Delete self signed certs.`
			`- Delete user prosody from entrypoing..`
			`- Using existing certs..`
			`- Remove obsolete version attribute from docker-compose.yml`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`
			`- Mount only xmpp cert dirs to fix letsencrypt permission errors`

			`Mount specific live/ and archive/ subdirectories instead of all of`
			`/etc/letsencrypt to avoid Prosody scanning root-only directories`
			`(accounts/, archive/ for other domains). Also remove allow_registration.`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`

			`### Features`

			`- Enable s2s_require_encryption to match s2s_secure_auth`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`
			`- Add ca-certificates to fix s2s TLS verification`

			`Without CA certs, Prosody cannot verify remote servers' certificates,`
			`causing all server-to-server connections to fail with "not trusted".`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`
			`- Enable mod_mam for persistent direct message archiving`

			`Messages are stored indefinitely in MySQL.`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`
			`- Add guschin.info VirtualHost alongside xmpp.guschin.info`

			`Users can now register as name@guschin.info or name@xmpp.guschin.info.`
			`Added Let's Encrypt cert mounting and install for guschin.info domain.`
			`Refactored entrypoint cert install into reusable function.`

			`Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>`