# Self-Hosted Deployment Strategy

Self-hosted installs should be easy to deploy but hard to counterfeit.

## Package Contents

```text
backend/
frontend build/
installer wizard/
database migrations/
seeders/
license client/
update client/
release manifest/
signature file/
nginx examples/
queue and cron docs/
Docker Compose bundle/
```

## Installation Flow

1. Upload package.
2. Open installer.
3. Validate server requirements.
4. Configure database and environment.
5. Create admin.
6. Validate purchase code.
7. Activate domain and installation fingerprint.
8. Lock installer.
9. Redirect to command center.

## Premium Cloud Dependency

The self-hosted app can run core operations locally, but these should remain cloud-entitled:

- AI orchestration
- Marketplace access
- Signed updates
- SMS routing recommendations
- Premium analytics
- Premium modules

## Deployment Attestation

Self-hosted installs should report:

- environment hash
- server fingerprint hash
- PHP/Node/database/Redis readiness
- queue and scheduler readiness
- HTTPS state
- installer lock state

Failed attestation blocks release binding and can restrict premium services until an administrator reviews the environment.

## Production Compose

Small self-hosted customers can use `deploy/docker-compose.prod.yml` as a starting point. It includes health checks, persistent database/Redis volumes, restart policies, and nginx security headers. See `docs/deployment/production-compose-runbook.md`.