From 5e28af783450aa18fc7897ca2ef68944ff6c8733 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 20:36:54 -0400
Subject: [PATCH 1/9] Enhance Unbound service: add control key generation and
 healthcheck

---
 docker/docker-compose.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index a61b22f..70aced9 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -52,12 +52,26 @@ services:
     container_name: unbound
     image: "mvance/unbound-rpi:latest"
     hostname: unbound
+    command: >
+      sh -c "
+        if [ ! -f /opt/unbound/etc/unbound/unbound_control.key ]; then
+          echo 'Generating Unbound control keys...';
+          unbound-control-setup -d /opt/unbound/etc/unbound;
+        fi &&
+        unbound -d -c /opt/unbound/etc/unbound/unbound.conf
+      "
     networks:
       macvlan:
         ipv4_address: ${IP_UNBOUND}
     volumes:
       - "./unbound:/opt/unbound/etc/unbound"
     restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "unbound-control -c /opt/unbound/etc/unbound/unbound.conf status"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   caddy:
     container_name: caddy

From 92195f624093516d9060016112b3e2aa03facac2 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 20:40:39 -0400
Subject: [PATCH 2/9] Enable remote control for Unbound

---
 docker/unbound/unbound.conf.template | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/unbound/unbound.conf.template b/docker/unbound/unbound.conf.template
index ceddd39..9d44bb3 100644
--- a/docker/unbound/unbound.conf.template
+++ b/docker/unbound/unbound.conf.template
@@ -74,3 +74,9 @@ server:
     access-control: ${IP_PIHOLE}/32 allow
     access-control: ${IP_BLACKBOX}/32 allow
     access-control: 0.0.0.0/0 refuse
+
+    # Enable unbound-control
+    remote-control:
+        control-enable: yes
+        control-interface: 127.0.0.1
+        control-port: 8953

From d88b2fd41f136c246c4f42e0ad1e8276983d3344 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 20:42:12 -0400
Subject: [PATCH 3/9] Make PiHole depend on Unbound being healthy

---
 docker/docker-compose.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 70aced9..a0fbd7e 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -47,6 +47,9 @@ services:
       - SYS_TIME
       - SYS_NICE
     restart: unless-stopped
+    depends_on:
+      unbound:
+        condition: service_healthy
 
   unbound:
     container_name: unbound

From 259020233dcbb26385cfb926a7ff268d2b4d78d3 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:14:40 -0400
Subject: [PATCH 4/9] Add Caddy healthcheck and endpoint.

---
 docker/caddy/Caddyfile    | 5 +++++
 docker/docker-compose.yml | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/docker/caddy/Caddyfile b/docker/caddy/Caddyfile
index 409a5a8..79a96fa 100644
--- a/docker/caddy/Caddyfile
+++ b/docker/caddy/Caddyfile
@@ -11,6 +11,11 @@
     }
 }
 
+# Health check
+:8081 {
+    respond /health 200
+}
+
 (logging) {
     log {
         output file /data/logs/{args[0]}.log {
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index a0fbd7e..52c947f 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -101,6 +101,12 @@ services:
       - IP_GRAFANA=${IP_GRAFANA}
       - IP_UPTIME_KUMA=${IP_UPTIME_KUMA}
       - IP_UMAMI_APP=${IP_UMAMI_APP}
+    healthcheck:
+      test: ["CMD", "wget", "--quiet", "--spider", "--tries=1", "http://localhost:8081/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   umami_db:
     image: postgres:alpine

From bd79166fe6aaab4b0298c0895fbfbbcf9b1795f8 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:16:24 -0400
Subject: [PATCH 5/9] Add Umami_app healthcheck

---
 docker/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 52c947f..962ff23 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -145,6 +145,12 @@ services:
       APP_SECRET: ${UMAMI_APP_SECRET}
       TZ: "America/New_York"
       DISABLE_LOGIN: "false"
+    healthcheck:
+      test: ["CMD-SHELL", "wget --quiet --spider --tries=1 http://localhost:3000 || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   # --- Monitoring Services ---
   prometheus:

From b551bac08f19017718a802ab0621defc658f3ec9 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:16:52 -0400
Subject: [PATCH 6/9] Add Prometheus healthcheck

---
 docker/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 962ff23..6107c25 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -169,6 +169,12 @@ services:
     networks:
       macvlan:
         ipv4_address: ${IP_PROMETHEUS}
+    healthcheck:
+      test: ["CMD-SHELL", "wget --quiet --spider --tries=1 http://localhost:9090/-/healthy || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   grafana:
     image: grafana/grafana-oss:latest

From 470311f8af70aa81eb8d46bc5df12b90adf27551 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:17:18 -0400
Subject: [PATCH 7/9] Add Grafana healthcheck

---
 docker/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 6107c25..53b2351 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -192,6 +192,12 @@ services:
     networks:
       macvlan:
         ipv4_address: ${IP_GRAFANA}
+    healthcheck:
+      test: ["CMD-SHELL", "wget --quiet --spider --tries=1 http://localhost:3000/api/health || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   rpi_node_exporter:
     image: prom/node-exporter:latest

From e94578acb2ca426187f59f03f00890fdc3e0105c Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:18:27 -0400
Subject: [PATCH 8/9] Add node_exporter healthcheck

---
 docker/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 53b2351..9b57b7e 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -215,6 +215,12 @@ services:
       - "--path.sysfs=/host/sys"
       - "--path.rootfs=/rootfs"
       - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
+    healthcheck:
+      test: ["CMD-SHELL", "wget --quiet --spider --tries=1 http://localhost:9100/metrics || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   cadvisor:
     image: gcr.io/cadvisor/cadvisor:latest

From 7332a91bef1b8d5ac1e9e4e68ce7c99da83c8243 Mon Sep 17 00:00:00 2001
From: Adam Crawford <geeksbsmrt@gmail.com>
Date: Wed, 2 Jul 2025 21:19:07 -0400
Subject: [PATCH 9/9] Add blackbox-exporter healthcheck

---
 docker/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 9b57b7e..3fc578b 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -251,6 +251,12 @@ services:
     networks:
       macvlan:
         ipv4_address: ${IP_BLACKBOX}
+    healthcheck:
+      test: ["CMD-SHELL", "wget --quiet --spider --tries=1 http://localhost:9115 || exit 1"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
 
   uptime_kuma:
     image: louislam/uptime-kuma:latest