Read composefs configuration from initrd instead of commandline
author Alexander Larsson <alexl@redhat.com>
Tue, 8 Aug 2023 11:16:39 +0000 (13:16 +0200)
committer Alexander Larsson <alexl@redhat.com>
Mon, 14 Aug 2023 10:27:47 +0000 (12:27 +0200)
commit 81fa21415566ed45aa8aa154819b02955dc750a8
tree f3825a8a7fc3fa862b430d920fa9ee630836df7b
parent 2cc6b531996d016b3c6d114deb1c3f6f29162d02

This drops the `ot-composefs` kernel commandline in favour
of a `[composefs]` section in the `prepare-rootfs.conf` file.

You can set `composefs.enabled` to `signed`, `yes`, `no` or `maybe`,
with `maybe` being the default.

You can also set `composefs.keypath` (or rely on the default
`/etc/ostree/initramfs-root-binding.key`) to point to ed25519 public
keys, one of which the commit must be signed with, or boot
fails.

The ostree dracut module adds `/etc/ostree/initramfs-root-binding.key`
to the initrd if it exists.

NOTE: This drops the option to define a digest in the commandline.
However, that was currently unused
(i.e. ComposefsConfig.expected_digest was never read).

Additionally it is very hard to actually store the composefs digest in
the initrd, as the initrd is typically part of the commit and thus the
composefs. It may be possible to handle this, but let's add it back
when we know exactly how that will work.
docs/composefs.md
man/ostree-prepare-root.xml
src/boot/dracut/module-setup.sh
src/switchroot/ostree-prepare-root.c
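The policy the commit message describes (a `[composefs]` section in `prepare-rootfs.conf`, `enabled` defaulting to `maybe`, and a key file of ed25519 public keys of which at least one must have signed the commit when `enabled = signed`) as a runnable model. This is an added example, not code from ostree or from the commit above; it assumes a key-file layout of one base64 public key per line, assumes `yes` means composefs is required while `maybe` falls back to the plain root, and uses a small pure-Python Ed25519 (RFC 8032) so it runs offline. `read_config`, `load_keys`, `choose_root`, `BootError` and the sample seeds, key file and commit bytes are all constructed for the illustration.

```python
import base64, configparser, hashlib

# Minimal Ed25519 (RFC 8032) in affine coordinates: illustration only, not constant-time.
PRIME = 2**255 - 19
ORDER = 2**252 + 27742317777372353535851937790883648493
inv = lambda x: pow(x, PRIME - 2, PRIME)
D = -121665 * inv(121666) % PRIME
SQRT_M1 = pow(2, (PRIME - 1) // 4, PRIME)

def xrecover(y):
    # even x with x^2 = (y^2-1)/(d*y^2+1); ValueError if y is not on the curve
    xx = (y * y - 1) * inv(D * y * y + 1) % PRIME
    x = pow(xx, (PRIME + 3) // 8, PRIME)
    if (x * x - xx) % PRIME:
        x = x * SQRT_M1 % PRIME
    if (x * x - xx) % PRIME:
        raise ValueError("not on curve")
    return PRIME - x if x & 1 else x

def add(p, q):
    (x1, y1), (x2, y2) = p, q
    t = D * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * inv(1 + t) % PRIME, (y1 * y2 + x1 * x2) * inv(1 - t) % PRIME)

def mul(p, e):  # double-and-add scalar multiplication
    q = (0, 1)
    for bit in bin(e)[2:]:
        q = add(q, q)
        if bit == "1":
            q = add(q, p)
    return q

BASE = (xrecover(4 * inv(5) % PRIME), 4 * inv(5) % PRIME)
enc = lambda p: (p[1] | ((p[0] & 1) << 255)).to_bytes(32, "little")

def dec(s):
    n = int.from_bytes(s, "little")
    y = n & ((1 << 255) - 1)
    if y >= PRIME:
        raise ValueError("bad y")
    x = xrecover(y)
    return (PRIME - x if (x & 1) != (n >> 255) else x, y)

h_int = lambda *parts: int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "little")

def expand(seed):
    h = hashlib.sha512(seed).digest()
    return (int.from_bytes(h[:32], "little") & ((1 << 254) - 8)) | (1 << 254), h[32:]

def public_key(seed):
    return enc(mul(BASE, expand(seed)[0]))

def sign(seed, msg):
    a, prefix = expand(seed)
    pk = enc(mul(BASE, a))
    r = h_int(prefix, msg) % ORDER
    rb = enc(mul(BASE, r))
    return rb + ((r + h_int(rb, pk, msg) * a) % ORDER).to_bytes(32, "little")

def verify(pk, msg, sig):
    if len(sig) != 64 or len(pk) != 32:
        return False
    try:
        r, a = dec(sig[:32]), dec(pk)
    except ValueError:
        return False
    s = int.from_bytes(sig[32:], "little")
    return s < ORDER and mul(BASE, s) == add(r, mul(a, h_int(sig[:32], pk, msg) % ORDER))

# --- the prepare-rootfs.conf policy described in the commit message (modelled, not ostree's code) ---
DEFAULT_KEYPATH = "/etc/ostree/initramfs-root-binding.key"
class BootError(Exception): pass

def read_config(text):
    """[composefs] section: enabled defaults to 'maybe', keypath to DEFAULT_KEYPATH."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    enabled = cp.get("composefs", "enabled", fallback="maybe")
    if enabled not in ("signed", "yes", "no", "maybe"):
        raise BootError("bad composefs.enabled value: %r" % enabled)
    return enabled, cp.get("composefs", "keypath", fallback=DEFAULT_KEYPATH)

def load_keys(text):
    """Assumed key-file layout: one base64 Ed25519 public key per line, blank lines ignored."""
    keys = [base64.b64decode(l.strip()) for l in text.splitlines() if l.strip()]
    if any(len(k) != 32 for k in keys):
        raise BootError("malformed key in key file")
    return keys

def choose_root(enabled, have_composefs, keys, commit, sig):
    """Returns 'composefs' or 'plain'; raises BootError when the configured requirement is unmet."""
    if enabled == "no":
        return "plain"
    if not have_composefs:
        if enabled == "maybe":  # assumption: maybe falls back, yes/signed require the image
            return "plain"
        raise BootError("composefs required but no composefs image is available")
    if enabled == "signed" and not any(verify(k, commit, sig) for k in keys):
        raise BootError("commit is not signed by any of the %d keys in the key file" % len(keys))
    return "composefs"

# Constructed sample inputs (not real keys or commits): RFC 8032 test seed 1 plus a second seed.
SEED_A = bytes.fromhex("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")
SEED_B = bytes(range(32))
KEYFILE = "".join(base64.b64encode(public_key(s)).decode() + "\n" for s in (SEED_A, SEED_B))
CONF = "[composefs]\nenabled = signed\n"   # keypath omitted, so the default path applies
COMMIT = b"constructed ostree commit object bytes"
```

With `enabled = signed`, a commit signed by either key in the file boots, a tampered commit or a signature from a key not in the file raises `BootError`, and `enabled = maybe` with no composefs image quietly falls back to the plain root.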