Go from zero to deployed in under 5 minutes. Install the CLI, create an account, scaffold a project, and deploy it to the Tawa platform.
npm install -g tawa
Verify the installation:
tawa --version
tawa login
This opens your browser to Bio-ID where you can sign up or log in. On first registration the platform automatically:
Confirm you are authenticated:
tawa whoami
For CI pipelines or AI coding agents (Claude, Cursor, etc.) that cannot open a browser, use stored credentials. The --save flag persists your email and password so the CLI can re-authenticate without a browser:
tawa login --email [email protected] --password 'MyPass!' --save
This writes a YAML file at ~/.tawa/credentials with 0600 permissions. You can also create it manually — especially useful for passwords containing special characters:
# ~/.tawa/credentials (YAML format, 0600 permissions)
email: [email protected]
password: "MyPass!"
The CLI resolves credentials in this priority order:
--email and --password passed directlyTAWA_EMAIL and TAWA_PASSWORD~/.tawa/credentials| Template | Command | What you get |
|---|---|---|
| Static Site | tawa sample --static my-site | HTML/CSS site served by nginx |
| Express API | tawa sample --api my-svc | TypeScript Express API with health endpoint and tests |
| Next.js App | tawa sample --nextjs my-app | Next.js 14 with standalone output and Bio-ID auth |
| Full MGA | tawa sample --mga my-mga | API + web portal + reports, multi-service scaffold |
Every template includes a pre-configured catalog-info.yaml.
Open catalog-info.yaml. This is the single source of truth for how the builder deploys your service.
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: my-svc
description: My API service
annotations:
insureco.io/framework: express
spec:
type: service
lifecycle: production
owner: my-org
metadata.name becomes your service hostname: my-svc.tawa.insureco.io (production) or my-svc.sandbox.tawa.insureco.io (sandbox).
tawa preflight
Validates catalog-info.yaml syntax, health endpoint, git remote, and framework annotation. Fix any errors before deploying.
# Deploy to sandbox first
tawa deploy --watch
# Deploy to production when ready
tawa deploy --prod
| Flag | Environment | URL Pattern |
|---|---|---|
| (default) | Sandbox | {name}.sandbox.tawa.insureco.io |
--prod | Production | {name}.tawa.insureco.io |
--uat | UAT | {name}.uat.tawa.insureco.io |
tawa status # deployment status
tawa builds # recent builds
tawa logs # stream live logs
When you run tawa deploy, the builder automatically:
catalog-info.yamlTawa supports both Forgejo (git.insureco.io) and GitHub. For GitHub repos, the platform uses a PAT configured by your admin to clone during builds. Once configured, deploying a GitHub project works identically to Forgejo:
cd my-github-project
tawa deploy
tawa troubleshoot
| Symptom | Likely Cause | Fix |
|---|---|---|
| CrashLoopBackOff | Health endpoint missing or wrong port | Ensure insureco.io/health-endpoint matches a real route |
| OOMKilled | Pod tier too small | Increase insureco.io/pod-tier (small, medium, large) |
| Deploy gate failure | Insufficient wallet balance | Buy tokens or lower pod tier |
| Database connection refused | Missing spec.databases | Add database config to catalog-info.yaml |
Last updated: February 28, 2026