{
  config,
  inputs,
  lib,
  pkgs,
  ...
}:
{
  sops.secrets = {
    "ssh/personal/key" = {
      sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
      key = "ssh/key";
      path = "/root/.ssh/ssh_personal_ed25519_key";
    };

    "ssh/sas/ed25519/key" = {
      sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
      key = "ssh/ed25519/key";
      path = "/root/.ssh/ssh_sas_ed25519_key";
    };
  };

  programs.ssh = {
    extraConfig = ''
      Host karaolidis.com
        User git
        HostName karaolidis.com
        IdentityFile /root/.ssh/ssh_personal_ed25519_key
        IdentitiesOnly yes

      Host github.sas.com
        User git
        HostName github.com
        IdentityFile /root/.ssh/ssh_sas_ed25519_key
        IdentitiesOnly yes
        UserKnownHostsFile ${pkgs.sshKnownHosts.github}

      Host gitlab.sas.com
        User git
        HostName gitlab.sas.com
        IdentityFile /root/.ssh/ssh_sas_ed25519_key
        IdentitiesOnly yes
        ${lib.strings.optionalString config.sas.build.private "UserKnownHostsFile ${pkgs.sshKnownHosts.sas-gitlab}"}
    '';
  };
}