From 6837683608c79095bc7be4edde9cce938a07ba9a Mon Sep 17 00:00:00 2001
From: Jeremie Fraeys <jfaeys@gmail.com>
Date: Fri, 6 Mar 2026 14:25:23 -0500
Subject: [PATCH] feat(lldap): add container healthcheck

- Add healthcheck using wget to /health endpoint
- Set interval: 30s, timeout: 3s, retries: 3, start_period: 10s
---
 roles/lldap/templates/docker-compose.yml.j2 | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/lldap/templates/docker-compose.yml.j2 b/roles/lldap/templates/docker-compose.yml.j2
index c9c69d3..c43bf24 100644
--- a/roles/lldap/templates/docker-compose.yml.j2
+++ b/roles/lldap/templates/docker-compose.yml.j2
@@ -14,6 +14,16 @@ services:
     networks:
       - proxy
     restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    tmpfs:
+      - /tmp:noexec,nosuid,size=50m
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:17170/health"]
+      interval: 30s
+      timeout: 3s
+      retries: 3
+      start_period: 10s
 
 volumes:
   lldap_data: