From fe31369f8c2b6260158db1e894bc27ed7d657c89 Mon Sep 17 00:00:00 2001
From: Bert-Jan Fikse <bert-jan@whatwedo.ch>
Date: Wed, 14 Jan 2026 17:36:52 +0100
Subject: [PATCH] chore: add healthcheck to authentik and wait for it after
 deployment

---
 roles/authentik/tasks/main.yml                  | 4 +++-
 roles/authentik/templates/docker-compose.yml.j2 | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/roles/authentik/tasks/main.yml b/roles/authentik/tasks/main.yml
index a762969..aa14bd3 100644
--- a/roles/authentik/tasks/main.yml
+++ b/roles/authentik/tasks/main.yml
@@ -51,4 +51,6 @@
   community.docker.docker_compose_v2:
     project_src: "{{ authentik_docker_compose_dir }}"
     state: present
-    recreate: "{{ blueprints_changed | ternary('always', 'auto') }}"
\ No newline at end of file
+    recreate: "{{ blueprints_changed | ternary('always', 'auto') }}"
+    wait: true
+    wait_timeout: 300
\ No newline at end of file
diff --git a/roles/authentik/templates/docker-compose.yml.j2 b/roles/authentik/templates/docker-compose.yml.j2
index c6b1460..90d6819 100644
--- a/roles/authentik/templates/docker-compose.yml.j2
+++ b/roles/authentik/templates/docker-compose.yml.j2
@@ -21,6 +21,12 @@ services:
     image: {{ authentik_image }}
     restart: unless-stopped
     command: server
+    healthcheck:
+      test: ["CMD", "ak", "healthcheck"]
+      start_period: 30s
+      interval: 10s
+      retries: 5
+      timeout: 5s
     environment:
       AUTHENTIK_SECRET_KEY: {{ authentik_secret_key }}
       AUTHENTIK_POSTGRESQL__HOST: postgres