Add a possibility to configure hooks after certificate renewal

Sentinel:Proxy needs a valid certificate to communicate with Sentinel servers. As certificate renew will be managed via cron job (turris/turris-os-packages#383), Sentinel:Proxy needs to be restarted when a new certificate is issued.

To handle this fact generally, Certgen should allow to setup hooks.

Certgen will not use any hooks by default,
Hooks will be enabled by specifying a directory as a command line parameter
Certgen will call all executable files within specified directory if a certificate was issued

Actual usage proposal

certgen.py certs --hook-dir /etc/certgen-hooks.d/

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Add a possibility to configure hooks after certificate renewal