aza/AzA march 2026/deploy/DEPLOY_CHECKLIST.md

AZA Deployment Checklist (Step 16)

1. Environment variables

• MEDWORK_API_TOKEN – required for API auth (or use backend_token.txt in repo root)
• Stripe placeholders: STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET (set when Stripe is configured)
• Secrets policy: never commit tokens; use env or secret store; backend_token.txt in .gitignore

2. Backend startup

• python backend_main.py (from project root)
• Required dependencies: install via pip install -r requirements.txt or project-specific install

3. Caddy reverse proxy

Example Caddyfile (see deploy/Caddyfile):

{$DOMAIN} {
    encode gzip zstd
    reverse_proxy backend:8000
}

:8080 {
    encode gzip zstd
    reverse_proxy localhost:8000
}

• Domain placeholder: set DOMAIN=example.com when DNS points to this machine

4. Health verification

curl -H "X-API-Token: AZA_LOCAL_TOKEN_123456" http://localhost:8080/license/status
curl http://localhost:8080/health

5. Restart procedure

1. Restart backend (stop process, then python backend_main.py)
2. Restart Caddy (stop process, then caddy run --config deploy/Caddyfile)