refactor: prefer systemd sockets over socat

- Document preferred method for socket use depending on use case;
- Fix Github web-flow key;
- Standardize naming of services;
- Use sys-ssh in ansible formula;
- Start services conditionally with Qubes Service and evaluated by
  systemd ConditionPathExists= instead of installing on a per qube basis
  with rc.local scripts;
- Change Qusal services to "qusal-" prefix instead of "qubes-" prefix.

Fixes: https://github.com/ben-grande/qusal/issues/80
Fixes: https://github.com/ben-grande/qusal/issues/79

salt/sys-ssh-agent/files/client/systemd/qusal-ssh-agent-forwarder@.service

@@ -1,9 +1,9 @@
-# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
 [Unit]
-Description=SSH Agent Forwarder to Qrexec SSH Agent %i
+Description=Forward SSH Agent %i over Qrexec
 
 [Service]
 User=user

salt/sys-ssh-agent/files/server/bin/qvm-ssh-agent

@@ -1,12 +1,12 @@
 #!/bin/sh
 
-# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
 set -eu
 
-service="qubes-ssh-agent"
+service="qusal-ssh-agent"
 
 usage(){
   echo "Usage: ${0##*/} [ls|add] <AGENT>

salt/sys-ssh-agent/files/server/rpc/qusal.SshAgent

@@ -24,7 +24,7 @@ if test "${#untrusted_agent}" -gt 128; then
 fi
 
 agent="${untrusted_agent}"
-socket="/tmp/qubes-ssh-agent/${agent}.sock"
+socket="/tmp/qusal-ssh-agent/${agent}.sock"
 
 qvm-ssh-agent add "${agent}" >/dev/null
 exec socat STDIO UNIX-CLIENT:"${socket}"