nixops: how to use local ssh key when deploying on machine with existing nixos (targetEnv is none)?

I have a machine with NixOS (provisioned using terraform, config), and I want to connect to it using deployment.targetHost = ipAddress and deployment.targetEnv = "none".

But I can't configure nixops to use the /secrets/stage_ssh_key ssh key.

This is not working (actually this is not documented, I found it here: https://github.com/NixOS/nixops/blob/d4e5b779def1fc9e7cf124930d0148e6bd670051/nixops/backends/none.py#L33-L35):

{
  stage =
    { pkgs, ... }:
    {
      deployment.targetHost = (import ./nixos-generated/stage.nix).terraform.ip;
      deployment.targetEnv = "none";

      deployment.none.sshPrivateKey        = builtins.readFile ./secrets/stage_ssh_key;
      deployment.none.sshPublicKey         = builtins.readFile ./secrets/stage_ssh_key.pub;
      deployment.none.sshPublicKeyDeployed = true;

      environment.systemPackages = with pkgs; [
        file
      ];
    };
}

nixops ssh stage results in being asked for a password; expected: login without a password.

nixops ssh stage -i ./secrets/stage_ssh_key works as expected, the password is not asked for.

How to reproduce:

  • download repo
  • rm -rf secrets/*
  • add aws keys in secrets/aws.nix

    { EC2_ACCESS_KEY="XXXX"; EC2_SECRET_KEY="XXXX"; }

  • nix-shell

  • make generate_stage_ssh_key
  • terraform apply
  • make nixops_create
  • nixops deploy asks for a password

There are 0 answers