[includeIf "gitdir:~/work/client1/"]
path = ~/work/client1/.gitconfig
[includeIf "gitdir:~/work/client2/"]
path = ~/work/client2/.gitconfig
$ cat ~/work/client1/.gitconfig
[user]
email = emailforclient1
name = nameforclient1
signingKey = 3AA5C34371567BD2
[core]
sshCommand = ssh -i ~/.ssh/id_client1
$ cat ~/work/client2/.gitconfig
[user]
email = emailforclient2
name = nameforclient2
signingKey = 4BB6D45482678BE3
[core]
sshCommand = ssh -i ~/.ssh/id_client2
See: [includeIf "hasconfig:remote.*.url:https://client1domain.com/**"]
path = ~/work/client1/.gitconfig
[includeIf "hasconfig:remote.*.url:https://client2domain.com/**"]
path = ~/work/client2/.gitconfig
Check comment [2] for a complete example with pinning SSH key and signing key using git-config.
The intent of the surveillance and the communication to employees is more relevant thant the technical means.
> In short, a surveillance system is prohibited if it is intended solely or primarily to monitor the actual behaviour of employees. However, the same system will not be prohibited if it is used for on legitimate reasons, such as ensuring safety or enabling the organisation or planning of work. However, the system chosen must be proportionate to the aim pursued and the employees must be informed in advance
https://www.edoeb.admin.ch/edoeb/en/home/datenschutz/arbeit_...