# AZA Deployment Checklist (Step 16)

## 1. Environment variables

- `MEDWORK_API_TOKEN` – required for API auth (or use `backend_token.txt` in repo root)
- Stripe placeholders: `STRIPE_SECRET_KEY`, `STRIPE_WEBHOOK_SECRET` (set when Stripe is configured)
- Secrets policy: never commit tokens; use env or secret store; `backend_token.txt` in `.gitignore`

## 2. Backend startup

- `python backend_main.py` (from project root)
- Required dependencies: install via `pip install -r requirements.txt` or project-specific install

## 3. Caddy reverse proxy

Example Caddyfile (see `deploy/Caddyfile`):

```
{$DOMAIN} {
    encode gzip zstd
    reverse_proxy backend:8000
}

:8080 {
    encode gzip zstd
    reverse_proxy localhost:8000
}
```

- Domain placeholder: set `DOMAIN=example.com` when DNS points to this machine

## 4. Health verification

```bash
curl -H "X-API-Token: AZA_LOCAL_TOKEN_123456" http://localhost:8080/license/status
curl http://localhost:8080/health
```

## 5. Restart procedure

1. Restart backend (stop process, then `python backend_main.py`)
2. Restart Caddy (stop process, then `caddy run --config deploy/Caddyfile`)