fix: use SSH authentication for nix-update workflow

.gitea/workflows/nix-update.yml

@@ -15,16 +15,24 @@ env:
   GIT_AUTHOR_EMAIL: 'bot@m3ta.dev'
   GIT_COMMITTER_NAME: 'nix-update bot'
   GIT_COMMITTER_EMAIL: 'bot@m3ta.dev'
+  GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o IdentitiesOnly=yes -o StrictHostKeyChecking=no"
 
 jobs:
   nix-update:
     runs-on: nixos
     steps:
+      - name: Setup SSH key
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan code.m3ta.dev >> ~/.ssh/known_hosts
+
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          token: ${{ secrets.NIX_UPDATE_TOKEN }}
+          ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
 
       - name: Check for available packages to update
         id: check-packages
@@ -166,7 +174,7 @@ jobs:
 
           echo "Pushing branch ${BRANCH}..."
 
-          # Push the branch
+          git remote set-url origin git@code.m3ta.dev:m3tam3re/nixpkgs.git
           git push origin "${BRANCH}" || (git fetch origin "${BRANCH}" 2>/dev/null && git push origin "${BRANCH}" --force)
 
           echo "Creating pull request..."