nix-cache02: add scheduled builds timer

Add a systemd timer that triggers builds for all hosts every 2 hours
via NATS, keeping the binary cache warm.

- Add scheduler.nix with timer (every 2h) and oneshot service
- Add scheduler NATS user to DEPLOY account
- Add Vault secret and variable for scheduler NKey
- Increase nix-cache02 memory from 16GB to 20GB

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

terraform/vault/secrets.tf

@@ -102,6 +102,11 @@ locals {
       data          = { nkey = var.homelab_deploy_builder_nkey }
     }
 
+    "shared/homelab-deploy/scheduler-nkey" = {
+      auto_generate = false
+      data          = { nkey = var.homelab_deploy_scheduler_nkey }
+    }
+
     # Kanidm idm_admin password
     "kanidm/idm-admin-password" = {
       auto_generate   = true

terraform/vault/variables.tf

@@ -74,6 +74,13 @@ variable "homelab_deploy_builder_nkey" {
   sensitive   = true
 }
 
+variable "homelab_deploy_scheduler_nkey" {
+  description = "NKey seed for scheduled build triggering"
+  type        = string
+  default     = "PLACEHOLDER"
+  sensitive   = true
+}
+
 variable "nixos_exporter_nkey" {
   description = "NKey seed for nixos-exporter NATS authentication"
   type        = string