feat: setup impermanence module

modules/nixos/networking/ssh.nix

@@ -8,6 +8,10 @@
     with lib;
     let
       cfg = config.tnix.networking.openssh;
+
+      # Sops needs acess to the keys before the persist dirs are even mounted; so
+      # just persisting the keys won't work, we must point at /persist
+      hasOptinPersistence = config.environment.persistence."/persist".enable;
     in
     {
       options.tnix.networking.openssh = {
@@ -59,6 +63,13 @@
             ClientAliveCountMax = 5;
             ClientAliveInterval = 60;
           };
+
+          hostKeys = [
+            {
+              path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
+              type = "ed25519";
+            }
+          ];
         };
       };
     };