Add docker compose with secrets example

examples/docker-compose-with-secrets.yml

@@ -0,0 +1,43 @@
+services:
+  nebula-sync:
+    image: ghcr.io/lovelaze/nebula-sync:latest
+    container_name: nebula-sync
+    restart: unless-stopped
+    # user directive specifying an arbitary uid to match ownership of Docker secrets files
+    user: 1234:1234
+    secrets:
+      - primary
+      - replicas
+    environment:
+    - TZ=America/New_York
+    # Secrets are defined below
+    - PRIMARY_FILE=/run/secrets/primary
+    - REPLICAS_FILE=/run/secrets/replicas
+    # FULL_SYNC is false so that we can set specific EXCLUDES later
+    - FULL_SYNC=false
+    - RUN_GRAVITY=true
+    # Running every 15 minutes
+    - CRON=*/15 * * * *
+    # Giving additional time for slower devices
+    - CLIENT_RETRY_DELAY_SECONDS=15
+    - CLIENT_TIMEOUT_SECONDS=45
+    # Enabling selective syncs
+    - SYNC_GRAVITY_GROUP=true
+    - SYNC_GRAVITY_AD_LIST=true
+    - SYNC_GRAVITY_AD_LIST_BY_GROUP=true
+    - SYNC_GRAVITY_DOMAIN_LIST=true
+    - SYNC_GRAVITY_DOMAIN_LIST_BY_GROUP=true
+    - SYNC_GRAVITY_CLIENT=true
+    - SYNC_GRAVITY_CLIENT_BY_GROUP=true
+    - SYNC_CONFIG_NTP=true
+    - SYNC_CONFIG_DNS=true
+    # Excluding some device-specific portions of the DNS config
+    - SYNC_CONFIG_DNS_EXCLUDE=interface,reply.host.force4,reply.host.IPv4,reply.host.force6,reply.host.IPv6
+
+
+secrets:
+  primary:
+    # These files are owned by user 1234 and have -r----- permissions
+    file: ./secrets/primary.txt
+  replicas:
+    file: ./secrets/replicas.txt