Added backup cron job

flake.lock

@@ -161,11 +161,11 @@
     },
     "secrets": {
       "locked": {
-        "lastModified": 1749344539,
+        "lastModified": 1749476519,
-        "narHash": "sha256-DeiiLB9cl/DftwhEWxgdwNbTlMAPj10SkjJAZC6BZvI=",
+        "narHash": "sha256-yzSsn2e+n4TQisd1PB7vZLcz9rhd8n5V4uoniWt+CP8=",
         "ref": "refs/heads/main",
-        "rev": "48050bddb5c566acfca602ace655fb251f39b8fc",
+        "rev": "890c1295ca6fea2a3aad5b7075dd5902f92beef0",
-        "revCount": 12,
+        "revCount": 13,
         "type": "git",
         "url": "ssh://gitea@git.bulthuis.dev/Jan/nixos-secrets"
       },

hosts/vm-oddjob/configuration.nix

@@ -31,6 +31,9 @@
   sops.secrets."smb-credentials" = {
     sopsFile = "${inputs.secrets}/secrets/vm-oddjob.enc.yaml";
   };
+  sops.secrets."backup-script-env" = {
+    sopsFile = "${inputs.secrets}/secrets/vm-oddjob.enc.yaml";
+  };
   systemd.services.mnt-nas-krb5 = {
     description = "Set up Kerberos credentials for mnt-nas";
     before = [ "mnt-nas.mount" ];
@@ -41,6 +44,19 @@
       echo $password | ${pkgs.krb5}/bin/kinit $username
     '';
   };
+  services.cron = {
+    enable = true;
+    systemCronJobs =
+      let
+        script = pkgs.writeShellScript "backup-script" ''
+          . ${config.sops.secrets."backup-script-env".path}
+          ${pkgs.proxmox-backup-client}/bin/proxmox-backup-client backup nfs.pxar:/mnt/nas --change-detection-mode=metadata
+        '';
+      in
+      [
+        "0 0 * * * ${script} "
+      ];
+  };
   fileSystems."/mnt/nas" = {
     device = "//${inputs.secrets.lab.nas.host}/Backup";
     fsType = "cifs";