diff --git a/roles/lldap/templates/docker-compose.yml.j2 b/roles/lldap/templates/docker-compose.yml.j2
index c9c69d3..c43bf24 100644
--- a/roles/lldap/templates/docker-compose.yml.j2
+++ b/roles/lldap/templates/docker-compose.yml.j2
@@ -14,6 +14,16 @@ services:
     networks:
       - proxy
     restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    tmpfs:
+      - /tmp:noexec,nosuid,size=50m
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:17170/health"]
+      interval: 30s
+      timeout: 3s
+      retries: 3
+      start_period: 10s
 
 volumes:
   lldap_data: