diff --git a/CHANGELOG.md b/CHANGELOG.md
index ced38b3..4b93e4a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,37 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 <!-- towncrier release notes start -->
 
+## [v1.15.1] - 2026-03-28
+
+### Features
+
+- Add Tor Snowflake proxy on ringtail as a systemd service to support anti-censorship efforts.
+- Add offsite backup for immich photo library to BorgBase, running daily at 4 AM from indri via sifaka SMB mount.
+- Add QArt Tuner — a Go tool that generates QR codes whose data modules form a recognizable image, with an interactive web UI for parameter tuning. Based on the [QArt technique](https://research.swtch.com/qart) by Russ Cox. Lives in `utils/qart/`.
+
+### Infrastructure
+
+- Migrate Forgejo from Homebrew to source build with mcquack LaunchAgent, matching the pattern used by zot, caddy, and alloy. Upgrades to v14.0.3 (7 security fixes including PKCE bypass and OAuth scope bypass).
+- Add borgmatic pg_dump backups for authentik and immich databases. Authentik uses the existing blumeops-pg cluster on port 5432. Immich requires a new borgmatic role on the immich-pg cluster, a Tailscale service, and Caddy L4 proxy on port 5433.
+- Upgrade External Secrets Operator from v1.3.2 to v2.2.0 and migrate from Helm chart to static kustomize manifests.
+- Add post-deploy maintenance docs and generation pruning task for ringtail.
+- Fix Immich Helm values: resource limits and probe timeouts were silently ignored due to wrong value keys. Resources now actually apply to pods, and liveness/readiness probe timeouts increased from 1s to 5s to prevent kubelet from killing pods during ML inference.
+- Reduce PodNotReady alert lookback window from 5m to 60s to clear faster after rollouts.
+- Tighten ArgoCDAppOutOfSync alert: reduce pending duration from 30m to 5m and lookback window from 5m to 1m so alerts clear faster after sync.
+- Update ringtail flake inputs (nixpkgs, home-manager).
+- Upgrade Homepage dashboard from v1.10.1 to v1.11.0
+- Upgrade nvidia-device-plugin from v0.18.2 to v0.19.0
+
+### Documentation
+
+- Review and fix CV service doc (correct URL, forge domain, container tag link) and add private forge repo review guidance to review-services process.
+- Review tailscale-setup tutorial: fix macOS install steps, add `--accept-routes` tip, correct tag name, add ACL apply instructions, add `[[tailscale-operator]]` cross-reference.
+
+### Miscellaneous
+
+- Add `preserve/*` branch prefix exclusion to `branch-cleanup` task; document Pyroscope profiling work and blockers in observability reference.
+
+
 ## [v1.15.0] - 2026-03-24
 
 ### Features
diff --git a/argocd/manifests/docs/deployment.yaml b/argocd/manifests/docs/deployment.yaml
index c1203dd..9b61fb0 100644
--- a/argocd/manifests/docs/deployment.yaml
+++ b/argocd/manifests/docs/deployment.yaml
@@ -30,7 +30,7 @@ spec:
               name: http
           env:
             - name: DOCS_RELEASE_URL
-              value: "https://forge.eblu.me/eblume/blumeops/releases/download/v1.15.0/docs-v1.15.0.tar.gz"
+              value: "https://forge.eblu.me/eblume/blumeops/releases/download/v1.15.1/docs-v1.15.1.tar.gz"
           resources:
             requests:
               memory: "64Mi"
diff --git a/docs/changelog.d/+branch-cleanup-preserve.misc.md b/docs/changelog.d/+branch-cleanup-preserve.misc.md
deleted file mode 100644
index 425e8cc..0000000
--- a/docs/changelog.d/+branch-cleanup-preserve.misc.md
+++ /dev/null
@@ -1 +0,0 @@
-Add `preserve/*` branch prefix exclusion to `branch-cleanup` task; document Pyroscope profiling work and blockers in observability reference.
diff --git a/docs/changelog.d/+cv-doc-review.doc.md b/docs/changelog.d/+cv-doc-review.doc.md
deleted file mode 100644
index ecace7d..0000000
--- a/docs/changelog.d/+cv-doc-review.doc.md
+++ /dev/null
@@ -1 +0,0 @@
-Review and fix CV service doc (correct URL, forge domain, container tag link) and add private forge repo review guidance to review-services process.
diff --git a/docs/changelog.d/+homepage-v1.11.0.infra.md b/docs/changelog.d/+homepage-v1.11.0.infra.md
deleted file mode 100644
index a35eaed..0000000
--- a/docs/changelog.d/+homepage-v1.11.0.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Upgrade Homepage dashboard from v1.10.1 to v1.11.0
diff --git a/docs/changelog.d/+immich-resource-probes.infra.md b/docs/changelog.d/+immich-resource-probes.infra.md
deleted file mode 100644
index 86c3a92..0000000
--- a/docs/changelog.d/+immich-resource-probes.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Fix Immich Helm values: resource limits and probe timeouts were silently ignored due to wrong value keys. Resources now actually apply to pods, and liveness/readiness probe timeouts increased from 1s to 5s to prevent kubelet from killing pods during ML inference.
diff --git a/docs/changelog.d/+nvidia-device-plugin-v0.19.0.infra.md b/docs/changelog.d/+nvidia-device-plugin-v0.19.0.infra.md
deleted file mode 100644
index 95abf25..0000000
--- a/docs/changelog.d/+nvidia-device-plugin-v0.19.0.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Upgrade nvidia-device-plugin from v0.18.2 to v0.19.0
diff --git a/docs/changelog.d/+podnotready-lookback.infra.md b/docs/changelog.d/+podnotready-lookback.infra.md
deleted file mode 100644
index fec02df..0000000
--- a/docs/changelog.d/+podnotready-lookback.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Reduce PodNotReady alert lookback window from 5m to 60s to clear faster after rollouts.
diff --git a/docs/changelog.d/+qart-tuner.feature.md b/docs/changelog.d/+qart-tuner.feature.md
deleted file mode 100644
index 720774d..0000000
--- a/docs/changelog.d/+qart-tuner.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-Add QArt Tuner — a Go tool that generates QR codes whose data modules form a recognizable image, with an interactive web UI for parameter tuning. Based on the [QArt technique](https://research.swtch.com/qart) by Russ Cox. Lives in `utils/qart/`.
diff --git a/docs/changelog.d/+review-tailscale-setup.doc.md b/docs/changelog.d/+review-tailscale-setup.doc.md
deleted file mode 100644
index e3395a0..0000000
--- a/docs/changelog.d/+review-tailscale-setup.doc.md
+++ /dev/null
@@ -1 +0,0 @@
-Review tailscale-setup tutorial: fix macOS install steps, add `--accept-routes` tip, correct tag name, add ACL apply instructions, add `[[tailscale-operator]]` cross-reference.
diff --git a/docs/changelog.d/+ringtail-post-deploy-maintenance.infra.md b/docs/changelog.d/+ringtail-post-deploy-maintenance.infra.md
deleted file mode 100644
index c85a3da..0000000
--- a/docs/changelog.d/+ringtail-post-deploy-maintenance.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Add post-deploy maintenance docs and generation pruning task for ringtail.
diff --git a/docs/changelog.d/+tune-argocd-outofsync-alert.infra.md b/docs/changelog.d/+tune-argocd-outofsync-alert.infra.md
deleted file mode 100644
index cac4b46..0000000
--- a/docs/changelog.d/+tune-argocd-outofsync-alert.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Tighten ArgoCDAppOutOfSync alert: reduce pending duration from 30m to 5m and lookback window from 5m to 1m so alerts clear faster after sync.
diff --git a/docs/changelog.d/+update-ringtail-flake.infra.md b/docs/changelog.d/+update-ringtail-flake.infra.md
deleted file mode 100644
index d2c1ce8..0000000
--- a/docs/changelog.d/+update-ringtail-flake.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Update ringtail flake inputs (nixpkgs, home-manager).
diff --git a/docs/changelog.d/build-forgejo-from-source.infra.md b/docs/changelog.d/build-forgejo-from-source.infra.md
deleted file mode 100644
index bffd5c7..0000000
--- a/docs/changelog.d/build-forgejo-from-source.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Migrate Forgejo from Homebrew to source build with mcquack LaunchAgent, matching the pattern used by zot, caddy, and alloy. Upgrades to v14.0.3 (7 security fixes including PKCE bypass and OAuth scope bypass).
diff --git a/docs/changelog.d/deploy-snowflake-proxy.feature.md b/docs/changelog.d/deploy-snowflake-proxy.feature.md
deleted file mode 100644
index e34af2b..0000000
--- a/docs/changelog.d/deploy-snowflake-proxy.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-Add Tor Snowflake proxy on ringtail as a systemd service to support anti-censorship efforts.
diff --git a/docs/changelog.d/feature-borgmatic-all-pg-backups.infra.md b/docs/changelog.d/feature-borgmatic-all-pg-backups.infra.md
deleted file mode 100644
index 892ee65..0000000
--- a/docs/changelog.d/feature-borgmatic-all-pg-backups.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Add borgmatic pg_dump backups for authentik and immich databases. Authentik uses the existing blumeops-pg cluster on port 5432. Immich requires a new borgmatic role on the immich-pg cluster, a Tailscale service, and Caddy L4 proxy on port 5433.
diff --git a/docs/changelog.d/immich-photos-backup.feature.md b/docs/changelog.d/immich-photos-backup.feature.md
deleted file mode 100644
index 6391af5..0000000
--- a/docs/changelog.d/immich-photos-backup.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-Add offsite backup for immich photo library to BorgBase, running daily at 4 AM from indri via sifaka SMB mount.
diff --git a/docs/changelog.d/upgrade-external-secrets-v2.infra.md b/docs/changelog.d/upgrade-external-secrets-v2.infra.md
deleted file mode 100644
index 606a937..0000000
--- a/docs/changelog.d/upgrade-external-secrets-v2.infra.md
+++ /dev/null
@@ -1 +0,0 @@
-Upgrade External Secrets Operator from v1.3.2 to v2.2.0 and migrate from Helm chart to static kustomize manifests.