Allow usage of generated SSH key even when there is no previous activation

[ethnt]

I re-implemented the code in #1157 after bringing it up to date with master. I think this would solve the issue mentioned at #904. If I need to add typing, please let me know 🙏

To add a bit of color: I had an initial deployment that failed (mostly related to usage of sops-nix, but that feels unrelated). Subsequent deploys weren't able to be performed because it would never use the generated SSH key. This seems like it could be a semi-common condition — however, I'm not sure about the reasoning behind the original conditional.

[roberth]

Hi @ethnt,

According to the git blame, we switched to setting the authorized_keys via the NixOS configuration at some point https://github.com/NixOS/nixops/commit/8ad1138859ac6ddb0a977873e25a226c2b73ad8d

The original issue describes a situation where an activation did happen, in which case this change doesn't seem useful, unless NixOps is unaware that the activation succeeded. Maybe it isn't quite sure and the cur_toplevel is only set when it's absolutely sure that the activation succeeded? In that case --force-reboot does indeed explain it.

It seems like this is something we could write a regression test for, based on, or in: https://github.com/NixOS/nixops/blob/master/integration-tests/default.nix