Setting up a mirror to GitHub

I’m a user of a Gitea instance hosted by the organisation where I work. As a normal user, I don’t have access to the backend or the server running Gitea. I would like to setup a repository in Gitea, which is automatically mirrored to GitHub through a post-receive hook.

@lafriks mentioned that rather than using ssh keys, which aren’t sensible, I should be looking at setting up a private token and use https auth when pushing to GitHub. I can generate a token on GitHub for this purpose, but of course, I don’t want to include that token in a post-receive hook part of the git repository itself (since it could then be read publicly).

Am I right in understanding that if I include my private token as part of actions done in Giteas post-receive hook settings (settings/hooks/git/post-receive), this will never be visible or accessible by anyone but those with write access to the repository?

Yes, settings of a repository only be visited by users who have admin permissions of this repo but not write permissions and read permissions. And also the server user who have read permissions of the repositories could read the post-receive file to visit the token.