diff --git a/hosts/tadpole/modules/ssh/default.nix b/hosts/tadpole/modules/ssh/default.nix
index 33b2881..a99ee35 100644
--- a/hosts/tadpole/modules/ssh/default.nix
+++ b/hosts/tadpole/modules/ssh/default.nix
@@ -13,6 +13,28 @@ in
     home-manager.users.alex = {
       programs.ssh = {
         enable = true;
+
+        matchBlocks = {
+          "codeberg.org" = {
+            hostname = "codeberg.org";
+            identityFile = "/home/alex/.ssh/alex.tadpole-codeberg.org";
+          };
+        };
+      };
+    };
+
+    age.secrets = {
+      "alex.tadpole-codeberg.org" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.age;
+        path = "/home/alex/.ssh/alex.tadpole-codeberg.org";
+        owner = "alex";
+        group = "users";
+      };
+      "alex.tadpole-codeberg.org.pub" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.pub.age;
+        path = "/home/alex/.ssh/alex.tadpole-codeberg.org.pub";
+        owner = "alex";
+        group = "users";
       };
     };
 
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index d3a26d4..eaaae22 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -2,6 +2,7 @@ let
   # see `modules/age/default.nix` where these are defined
   pinwheel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMoI7Q4zT2AGXU+i8fLmzcNLdfMkEnfHYh4PmaEmo2QW root@pinwheel";
   sombrero = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/NltCo1L+X1OIBfIKzfrbxLpCOerQ4vTIs+QPTXkf/ root@sombrero";
+  tadpole = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDbyj/vYafqpJH33jFz5HV+gwCiEIJTpxKrEFrBWx73A root@tadpole";
   alex = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINjSFvlbdy5D59UaVWjRMyBndiAT2MtCeT+6GuemkuYe alex.pinwheel";
 in {
   "pinwheel/syncthing-cert.age".publicKeys = [ pinwheel alex ];
@@ -29,4 +30,7 @@ in {
   "sombrero/alex.sombrero-github.com.pub.age".publicKeys = [ sombrero alex ];
   "sombrero/alex.sombrero-codeberg.org.age".publicKeys = [ sombrero alex ];
   "sombrero/alex.sombrero-codeberg.org.pub.age".publicKeys = [ sombrero alex ];
+
+  "tadpole/alex.tadpole-codeberg.org.age".publicKeys = [ tadpole alex ];
+  "tadpole/alex.tadpole-codeberg.org.pub.age".publicKeys = [ tadpole alex ];
 }
diff --git a/secrets/tadpole/alex.tadpole-codeberg.org.age b/secrets/tadpole/alex.tadpole-codeberg.org.age
new file mode 100644
index 0000000..b1ad75e
Binary files /dev/null and b/secrets/tadpole/alex.tadpole-codeberg.org.age differ
diff --git a/secrets/tadpole/alex.tadpole-codeberg.org.pub.age b/secrets/tadpole/alex.tadpole-codeberg.org.pub.age
new file mode 100644
index 0000000..cf63ecb
Binary files /dev/null and b/secrets/tadpole/alex.tadpole-codeberg.org.pub.age differ