If systemwide configuration is ok: programs.ssh.extraConfig will allow you to add whatever you want to /etc/ssh/ssh_config.
If you’d prefer having configuration be active only for your user, that’s within the realm of home-manager, and there you’ll want e.g. programs.ssh.matchBlocks.
Another part of the problem is managing the private key itself – for that you’ll most likely want to look at tools like agenix or sops-nix.
I’ve only used agenix so I can’t really recommend one or another. If you’re using home-manager I think sops-nix is your only option of the two at this point – I don’t remember agenix having an home-manager module.
There is a project/fork homeage, which is based on a PR to agenix that never got merged. I am not sure about how well it works though, I am only aware of its existence.
Personally I am using sops-nix, as I can use the same input for both system and home configurations, and to some extend even share the secret files between them. Not sure if this was possible with agenix + homeage.