diff --git a/.gitea/workflows/staging.yaml b/.gitea/workflows/staging.yaml index 78fa0c6..8815866 100644 --- a/.gitea/workflows/staging.yaml +++ b/.gitea/workflows/staging.yaml @@ -145,7 +145,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Check container status + - name: Check container status and health run: | for service in mvp-frontend-staging mvp-backend-staging mvp-postgres-staging mvp-redis-staging; do status=$(docker inspect --format='{{.State.Status}}' $service 2>/dev/null || echo "not found") @@ -157,6 +157,36 @@ jobs: echo "OK: $service is running" done + # Wait for Docker healthchecks to complete (services with healthcheck defined) + echo "" + echo "Waiting for Docker healthchecks..." + for service in mvp-frontend-staging mvp-backend-staging mvp-postgres-staging mvp-redis-staging; do + # Check if service has a healthcheck defined + has_healthcheck=$(docker inspect --format='{{if .Config.Healthcheck}}true{{else}}false{{end}}' $service 2>/dev/null || echo "false") + if [ "$has_healthcheck" = "true" ]; then + for i in 1 2 3 4 5 6 7 8 9 10; do + health=$(docker inspect --format='{{.State.Health.Status}}' $service 2>/dev/null || echo "unknown") + if [ "$health" = "healthy" ]; then + echo "OK: $service is healthy" + break + elif [ "$health" = "unhealthy" ]; then + echo "ERROR: $service is unhealthy" + docker logs $service --tail 50 2>/dev/null || true + exit 1 + fi + if [ $i -eq 10 ]; then + echo "ERROR: $service health check timed out (status: $health)" + docker logs $service --tail 50 2>/dev/null || true + exit 1 + fi + echo "Waiting for $service healthcheck... (attempt $i/10, status: $health)" + sleep 5 + done + else + echo "SKIP: $service has no healthcheck defined" + fi + done + - name: Wait for backend health run: | for i in 1 2 3 4 5 6; do diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index cc4b780..79b537e 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml 
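Review bot: In `.gitea/workflows/staging.yaml`, both failure branches of the new health loop run `docker logs $service --tail 50`, so up to 50 lines of container output are copied into the workflow log, which is typically readable by more people than the staging host. For `mvp-backend-staging` and `mvp-postgres-staging` that output may contain connection strings or tokens if those services log them; I would add a comment above the calls, e.g. `# container output is copied into the CI job log; services must not print secrets`, and confirm that it holds. The service list is also repeated verbatim from the status loop earlier in the same `run:` block, so a single `services="..."` variable used by both loops would keep the health gate from silently missing a container added later. The status loop starts outside this hunk.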
@@ -62,7 +62,7 @@ services: container_name: mvp-postgres-staging volumes: - mvp_postgres_staging_data:/var/lib/postgresql/data - - ./secrets/staging/postgres-password.txt:/run/secrets/postgres-password:ro + - ./secrets/app/postgres-password.txt:/run/secrets/postgres-password:ro # ======================================== # Redis (Staging) diff --git a/docker-compose.yml b/docker-compose.yml index ff72f9e..a7fbb04 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -69,7 +69,7 @@ services: depends_on: - mvp-backend healthcheck: - test: ["CMD-SHELL", "curl -s http://localhost:3000 || exit 1"] + test: ["CMD-SHELL", "curl -sf http://localhost:3000 || exit 1"] interval: 30s timeout: 10s retries: 3 diff --git a/docs/BUILD-SERVER-SETUP.md b/docs/BUILD-SERVER-SETUP.md index c3e8bf2..9986180 100644 --- a/docs/BUILD-SERVER-SETUP.md +++ b/docs/BUILD-SERVER-SETUP.md @@ -155,12 +155,13 @@ sudo chown act_runner:act_runner /opt/motovaultpro sudo -u act_runner git clone https://git.motovaultpro.com/egullickson/motovaultpro.git /opt/motovaultpro ``` -### 2. Create Staging Secrets Directory +### 2. Set Secrets Directory Permissions + +The `secrets/app` directory exists in the repository. Set proper permissions: ```bash -sudo mkdir -p /opt/motovaultpro/secrets/staging sudo chown -R act_runner:act_runner /opt/motovaultpro/secrets -sudo chmod 700 /opt/motovaultpro/secrets/staging +sudo chmod 700 /opt/motovaultpro/secrets/app ``` ### 3. Configure DNS @@ -325,7 +326,7 @@ curl -vI https://staging.motovaultpro.com | Path | Description | |------|-------------| | `/opt/motovaultpro` | Application root | -| `/opt/motovaultpro/secrets/staging` | Staging secrets | +| `/opt/motovaultpro/secrets/app` | Application secrets | | `/etc/act_runner/config.yaml` | Runner configuration | | `/home/act_runner/.docker/config.json` | Registry credentials | diff --git a/scripts/ci/ansible/deploy-production-runner.yml b/scripts/ci/ansible/deploy-production-runner.yml index 1a63791..f9dd5aa 100644 
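Review bot: In `docker-compose.staging.yml`, the Postgres password mount now reads `./secrets/app/postgres-password.txt`, a directory that the docs change in this commit describes as existing in the repository, so the password file sits inside a tracked path. Nothing visible in this diff shows an ignore rule for the files under `secrets/app/`; please confirm one exists so the file cannot be committed by accident. Dropping the `staging` path component also means the path no longer tells staging and production material apart, so a comment on the mount such as `# host-local file, never committed; staging uses its own password, not a copy of production's` would record the intent.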
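Review bot: In `docker-compose.yml`, the `-f` fix is applied only to this healthcheck, while the new CI gate in `.gitea/workflows/staging.yaml` reads `.State.Health.Status` of `mvp-frontend-staging`, whose healthcheck lives in `docker-compose.staging.yml` and is not part of this diff. If that file still calls `curl -s` without `-f`, an HTTP error response there would keep reporting healthy and the gate would pass. It is worth checking, and applying the same `curl -sf http://localhost:3000 || exit 1` there if needed.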
--- a/scripts/ci/ansible/deploy-production-runner.yml +++ b/scripts/ci/ansible/deploy-production-runner.yml @@ -228,14 +228,6 @@ args: creates: "{{ app_root }}/.git" - - name: Create production secrets directory - file: - path: "{{ app_root }}/secrets/production" - state: directory - owner: act_runner - group: act_runner - mode: '0700' - - name: Create data directories file: path: "{{ app_root }}/{{ item }}" @@ -343,6 +335,6 @@ sudo journalctl -u act_runner -f docker ps - IMPORTANT: Ensure production secrets are configured in: - {{ app_root }}/secrets/production/ + IMPORTANT: Ensure secrets are configured in: + {{ app_root }}/secrets/app/ ================================================ diff --git a/scripts/ci/ansible/deploy-staging-runner.yml b/scripts/ci/ansible/deploy-staging-runner.yml index 8b657b3..08554eb 100644 --- a/scripts/ci/ansible/deploy-staging-runner.yml +++ b/scripts/ci/ansible/deploy-staging-runner.yml @@ -258,14 +258,6 @@ args: creates: "{{ app_root }}/.git" - - name: Create staging secrets directory - file: - path: "{{ app_root }}/secrets/staging" - state: directory - owner: act_runner - group: act_runner - mode: '0700' - - name: Create data directories file: path: "{{ app_root }}/{{ item }}"
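Review bot: In `scripts/ci/ansible/deploy-production-runner.yml`, the closing message now sends the operator to `{{ app_root }}/secrets/app/`, but the task that enforced `mode: '0700'` and `act_runner` ownership on the secrets directory is deleted in the first hunk and nothing replaces it. The directory then keeps whatever mode the clone leaves it with, which is probably group- and world-readable under a default umask, though that depends on the host. Rather than removing the task, I would retarget it at `secrets/app` as below; the same applies to the deletion in `deploy-staging-runner.yml`, where the docs change covers it only as a manual `chmod 700` step.

```yaml
# … unchanged: clone task with creates: "{{ app_root }}/.git" …
- name: Restrict application secrets directory
  file:
    path: "{{ app_root }}/secrets/app"
    state: directory
    owner: act_runner
    group: act_runner
    mode: '0700'
# … unchanged: "Create data directories" task …
```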