feat: add declarative root ssh key on nachtigall

hosts/nachtigall/configuration.nix

@@ -58,6 +58,12 @@
   users.groups.hakkonaut = {};
 
   users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
+  age.secrets."nachtigall-root-ssh-key" = {
+    file = "${flake.self}/secrets/nachtigall-root-ssh-key.age";
+    path = "/root/.ssh/id_ed25519";
+    mode = "400";
+    owner = root;
+  };
 
   # This value determines the NixOS release with which your system is to be
   # compatible, in order to avoid breaking some software such as database

secrets/secrets.nix

@@ -20,6 +20,9 @@ let
     nachtigall-host
   ];
 in {
+  # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
+  "nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
+
   "mastodon-secret-key-base.age".publicKeys = nachtigallKeys ++ baseKeys;
   "mastodon-otp-secret.age".publicKeys = nachtigallKeys ++ baseKeys;
   "mastodon-vapid-private-key.age".publicKeys = nachtigallKeys ++ baseKeys;