feat(release): v1

.cursor/commands/database-migration.md

@@ -23,7 +23,7 @@ Help create and manage database migrations, generating complete migration files
     - Consider zero-downtime deployment strategies
 4. **Testing Strategy**
     - Create test data scenarios
-    - Verify migration on staging environment
+    - Verify migration on production copy/dev environment
     - Plan rollback procedures and testing
     - Document deployment steps and timing
 
@@ -36,5 +36,5 @@ Help create and manage database migrations, generating complete migration files
 - [ ] Ensured migrations are atomic and reversible
 - [ ] Added error handling and validation
 - [ ] Created test data scenarios
-- [ ] Verified migration on staging environment
+- [ ] Verified migration on local/dev environment
 - [ ] Documented deployment steps and timing

.cursor/plans/agents.md_audit_plan_0e4a4132.plan.md

@@ -194,7 +194,7 @@ flowchart LR
 | [infra/compose/networks.yaml](infra/compose/networks.yaml)         | atl-chat network                                   | —        |
 | [infra/compose/irc.yaml](infra/compose/irc.yaml)                   | atl-irc-server, atl-irc-services, atl-irc-webpanel | —        |
 | [infra/compose/xmpp.yaml](infra/compose/xmpp.yaml)                 | atl-xmpp-server, xmpp-postgres                     | —        |
-| [infra/compose/bridge.yaml](infra/compose/bridge.yaml)             | atl-bridge                                         | —        |
+| [infra/compose/bridge.yaml](infra/compose/bridge.yaml)             | bridge                                         | —        |
 | [infra/compose/cert-manager.yaml](infra/compose/cert-manager.yaml) | cert-manager                                       | —        |
 | [compose.yaml](compose.yaml)                                       | dozzle                                             | dev      |
 

.cursor/plans/atl.chat_codebase_architecture_audit_a6482578.plan.md

@@ -137,7 +137,7 @@ Without it, PROXY protocol from NPM will break XMPP C2S/S2S when NPM is in front
 
 ### 12. Bridge Compose
 
-- [infra/compose/bridge.yaml](infra/compose/bridge.yaml) defines `atl-bridge` service using `ghcr.io/allthingslinux/bridge` image
+- [infra/compose/bridge.yaml](infra/compose/bridge.yaml) defines `bridge` service using `ghcr.io/allthingslinux/bridge` image
 - Root [compose.yaml](compose.yaml) includes `infra/compose/bridge.yaml`
 
 ### 13. E2E Test Fixture Assumptions
@@ -262,7 +262,7 @@ Root compose uses `dev`, `staging`, `prod`. Bridge sub-composes use `bridge` pro
 
 ### G. Bridge – Delete or Implement
 
-Bridge is defined in `infra/compose/bridge.yaml` using the `atl-bridge` service.
+Bridge is defined in `infra/compose/bridge.yaml` using the `bridge` service.
 
 ### H. Gamja (IRC Web Client)
 

.cursor/plans/bridge_codebase_architecture_audit_24b32b4a.plan.md

@@ -211,7 +211,7 @@ How the bridge fits into the monorepo and config flow:
 
 | App            | Config                                                | Generation                         | Bridge Coupling                                                                                                       |
 | -------------- | ----------------------------------------------------- | ---------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
-| **UnrealIRCd** | `config/unrealircd.conf.template` → `unrealircd.conf` | `envsubst` via `prepare-config.sh` | `relaymsg` hostmask `bridge@${IRC_DOMAIN}`; oper `atl-bridge` with `BRIDGE_IRC_OPER_PASSWORD`; WebIRC for The Lounge  |
+| **UnrealIRCd** | `config/unrealircd.conf.template` → `unrealircd.conf` | `envsubst` via `prepare-config.sh` | `relaymsg` hostmask `bridge@${IRC_DOMAIN}`; oper `bridge` with `BRIDGE_IRC_OPER_PASSWORD`; WebIRC for The Lounge  |
 | **Atheme**     | `config/atheme.conf.template` → `atheme.conf`         | `envsubst`                         | No direct bridge coupling                                                                                             |
 | **Prosody**    | `config/prosody.cfg.lua` (Lua, no template)           | Runtime `Lua.os.getenv()`          | Component `bridge.${domain}` with `BRIDGE_XMPP_COMPONENT_SECRET`; MUC `general@muc.${PROSODY_DOMAIN}`                 |
 | **Bridge**     | `config.template.yaml` → `config.yaml`                | `envsubst`                         | Consumes `IRC_BRIDGE_SERVER`, `PROSODY_DOMAIN`, `BRIDGE_DISCORD_CHANNEL_ID`, `IRC_TLS_VERIFY`, `XMPP_AVATAR_BASE_URL` |
@@ -229,7 +229,7 @@ How the bridge fits into the monorepo and config flow:
 1. **Config schema** — Bridge `Config` class reads YAML produced by `prepare-config.sh`. Any `config/schema.py` must validate the same structure (mappings, irc.*, xmpp_*, etc.) that the template produces.
 2. **Env vars** — Bridge also reads env at runtime (`BRIDGE_DISCORD_TOKEN`, `BRIDGE_PORTAL_*`, `BRIDGE_XMPP_*`, etc.). Config cleanup should document which keys come from YAML vs env.
 3. **Compose** — Bridge container mounts `config.yaml:ro`; depends on `atl-irc-server` and `atl-xmpp-server`. No shared volume with other apps.
-4. **Naming** — UnrealIRCd uses `atl-bridge` oper nick; Prosody uses `bridge.${domain}` component JID. Bridge should not hardcode these; they come from config/env.
+4. **Naming** — UnrealIRCd uses `bridge` oper nick; Prosody uses `bridge.${domain}` component JID. Bridge should not hardcode these; they come from config/env.
 5. **Consistency** — Other apps use `config/` dir. Bridge uses `config.yaml` at app root. Proposed `config/` package is internal Python layout; the YAML file stays at `apps/bridge/config.yaml` (or `config/config.yaml` if desired).
 
 ### 2.H Portal Audit (`~/dev/allthingslinux/portal`)

.cursor/plans/custom_discord_irc_xmpp_bridge_0068eac0.plan.md

@@ -177,7 +177,7 @@ Dev dependencies. Install latest (no version pins). **Core:** `types-pyyaml`, `t
 
 ## Integration with atl.chat
 
-- Deploy as a bridge service under [atl.chat/apps/bridge](~/dev/allthingslinux/atl.chat/apps/bridge/) (e.g. `atl-bridge/`); compose in existing `bridge` profile; use `atl-network`; connect to IRC and XMPP by hostname per [atl.chat networking](~/dev/allthingslinux/atl.chat/docs/infra/networking.md).
+- Deploy as a bridge service under [atl.chat/apps/bridge](~/dev/allthingslinux/atl.chat/apps/bridge/) (e.g. `bridge/`); compose in existing `bridge` profile; use `atl-network`; connect to IRC and XMPP by hostname per [atl.chat networking](~/dev/allthingslinux/atl.chat/docs/infra/networking.md).
 - Secrets via env (same pattern as Biboumi/Matterbridge). Biboumi can remain for pure XMPP↔IRC; this bridge focuses on Discord↔IRC and Discord↔XMPP.
 
 ---

.cursor/plans/the_lounge_integration_3ba6e863.plan.md

@@ -264,7 +264,7 @@ The `third/relaymsg` module (atl.chat fork) is installed and configured, enablin
 
 - Module: `third/relaymsg` (atl.chat fork from contrib/relaymsg)
 - Config: `relaymsg { hostmask "bridge@${IRC_DOMAIN}"; }`
-- Permission: `relaymsg` granted to `bridge-oper` operclass (atl-bridge)
+- Permission: `relaymsg` granted to `bridge-oper` operclass (bridge)
 
 **Bridge integration (implemented):**
 - Bridge requests `draft/relaymsg` and `overdrivenetworks.com/relaymsg` capabilities

.cursorignore

@@ -2,12 +2,10 @@
 !.env.example
 !.env.shared.example
 !.env.dev
-!.env.staging
 !.env.prod
 !.env.local
 !.env.production
 !.env.development
-!.env.staging
 !.env.production
 !.env.*
 !.env.dev.example

.env.dev.example

@@ -62,6 +62,12 @@ BRIDGE_PORTAL_BASE_URL=
 # Disable IRC TLS cert verification (self-signed dev certs)
 BRIDGE_IRC_TLS_VERIFY=false
 
+# Relax Prosody TLS requirements for dev (self-signed certs can't pass s2s_secure_auth)
+PROSODY_C2S_REQUIRE_ENCRYPTION=false
+PROSODY_S2S_REQUIRE_ENCRYPTION=false
+PROSODY_S2S_SECURE_AUTH=false
+PROSODY_ALLOW_UNENCRYPTED_PLAIN_AUTH=true
+
 # RELAYMSG: use clean nicks (no /d suffix) when UnrealIRCd relaymsg has require-separator no
 BRIDGE_RELAYMSG_CLEAN_NICKS=true