diff --git a/.woodpecker.yml b/.woodpecker.yml
index e13ca5b..b1faefc 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -209,8 +209,10 @@ steps:
       - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
       - echo "Removing old stack to release secrets"
       - docker stack rm $${CI_REPO_NAME} || true
-      - echo "Waiting for stack removal to complete"
+      - echo "Waiting for complete stack removal (30 seconds)"
       - sleep 30
+      - echo "Verifying stack removal completed"
+      - while docker stack ls | grep -q $${CI_REPO_NAME}; do echo "Stack still exists, waiting..."; sleep 5; done
       - echo "Removing old Docker secrets"
       - docker secret rm AUTHENTICATION_BACKEND_LDAP_PASSWORD || true
       - docker secret rm IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET || true
@@ -235,6 +237,12 @@ steps:
       - echo "$${CLIENT_SECRET_HEADADMIN}" | docker secret create CLIENT_SECRET_HEADADMIN -
       - echo "Deploying new stack with fresh secrets"
       - docker stack deploy --with-registry-auth -c ./stack.production.yml $${CI_REPO_NAME}
+      - echo "Waiting for services to initialize (30 seconds)"
+      - sleep 30
+      - echo "Checking deployment status"
+      - docker stack ps $${CI_REPO_NAME}
+      - echo "Checking service health for 60 seconds"
+      - for i in {1..12}; do if docker stack ps $${CI_REPO_NAME} | grep Running | grep -q authelia_authelia; then echo "✅ Authelia service is running!"; break; elif [ $$i -eq 12 ]; then echo "❌ Deployment verification failed - showing logs:"; docker service logs $${CI_REPO_NAME}_authelia --tail 20; exit 1; else echo "Attempt $$i/12: Waiting for authelia service..."; sleep 5; fi; done
     when:
       branch: main
       event: [push, cron]