ci: switch deploy secrets to age key workflow

secrets.nix

@@ -1,9 +1,10 @@
 let
   # Founder SSH public key (recipient). Safe to commit.
   founder = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJCBTSEEcBOhOkf3WF1e8xmblAZHvgTibFsqck2GY8D/";
+  # Forge automation SSH public key (recipient). Safe to commit.
+  forge = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFmKJt5+uilix5Ldiaaq1BhrYNjmV5lHcW7D/5inCCnO forge@every.channel";
 in
 {
-  "secrets/cloudflare-api-token.age".publicKeys = [ founder ];
-  "secrets/codeberg-token.age".publicKeys = [ founder ];
+  "secrets/cloudflare-api-token.age".publicKeys = [ founder forge ];
+  "secrets/codeberg-token.age".publicKeys = [ founder forge ];
 }
-