Refactor imports and secrets. Add per system properties and role based secret access.

Highlights
- No need to update flake for every machine anymore, just add a properties.nix file.
- Roles are automatically generated from all machine configurations.
- Roles and their secrets automatically are grouped and show up in agenix secrets.nix
- Machines and their service configs may now query the properties of all machines.
- Machine configuration and secrets are now competely isolated into each machine's directory.
- Safety checks to ensure no mixing of luks unlocking secrets and hosts with primary ones.
- SSH pubkeys no longer centrally stored but instead per machine where the private key lies for better cleanup.

secrets/pia-login.age

@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 6AT2/g J3H9xUUwUMB7VkHHGtsZaCm/GiyqTFUrEmsuwcrgrhE
+tn+zbj5cISZzkUzJcu7JlaqhE4Dr4fhczSJU2kV91AU
+-> ssh-ed25519 hPp1nw 370YNPQn4mqeHjOvnIXkm+BzbrRNHkFICJaJhHCSHDQ
+WLhDRA8jp50aKkY8t9GvyAHoLxYQD2Bhw3y01hwhoOA
+-> ssh-ed25519 dMQYog 1dwQN8hmbLY54OnRTXtcwAXHoYLLNV0IK/rQQ9ZgV2A
+gP2HQinVYW72oJRFW69qAeF/iNEEtJqya1iRMOugNKk
+-> ~-grease 2%p4s G:$f41y " vZ87PA*|
++hI029392lrjxlsXUI8opFVcUK+JOjgBYGMH
+--- juX+tgNpNr8it5QnbcBkR9u88vZkC47L5fIlZQNxPYg
+,J}¸œ}Y§˜B%ˆo~3M×½HÊ—]ºˆû©ðÔ¤–žËn0cVs(´;axc#o™Üüv'kˆù#]o<>N`ÆœøÁ´Ì¿<C38C>˜¼ûp<>ÒšKàøk†0(