Last attempt (08f31a3f) fixed
compilation bug generated a bug because an empty string was generating
an extra --volume parameter on container creation.

Now we move back to using an Array and fix our deploy script
accordingly.

The grep binary actually lives in /bin, and not /usr/bin.

We use grep to detect whether some changes are already present or not.

- We need to inherit from tails::weblate::params so the website address
  is available.

- Also, the Nginx vhost template needs `$public_hostname` to be defined
  in the class using the template.

When jobs == 1, we don't need to pass a lock file.

On Jenkins, we always use the defaults (--jobs=1), so we don't have to use
a lock file. Let's not pass it so this script works regardless of the name of
this argument, which will change due to the switch from squashfs-tools to
squashfs-tools-ng (tails#18577).

After upgrading a system to Bullseye, we have po4a/bullseye installed,
so we have to downgrade, which requires a pinning value that exceeds 1000.

refs tails#18577

See tails@e9a70205

refs tails#18577, sysadmin#17739

We've required Buster for this since a while.

refs tails#18310

Closes sysadmin#17871

The Git binary in the Weblate container for the version we currently
need (3.11.3) is now unable to verify Tails' GitLab's certificate:

    $ git clone https://gitlab.tails.boum.org/tails/tails.git
    fatal: unable to access 'https://gitlab.tails.boum.org/tails/tails.git/': server certificate verification failed. CAfile: none CRLfile: none

As a workaround, we bind-mount the host's libgnutls30 library (and other
needed linked libraries) into the container.

This has to be removed once Weblate is upgraded to run with a
container having a newer libgnutls30.

- The `weblate` remote needs point to the Weblate data directory inside
  the container.

- The `weblate-gatekeeper` remote should point to our internal Gitolite.

- Configure remotes using exec's to avoid fetching during deploy.

- Remove class parameter as we don't really need it now.

When refactoring, a variable name in the template was not updated. This
change also ports that config to an EPP template to avoid future issues.

When porting Weblate to a container, the Apache2 config was not cleaned
up. This change moves such config to an EPP template, which also
enforces parameterization of the $staging_www_dir variable
(/var/www/staging).

There's no need to use double quotes here, and we can get rid of all
escaping.

We want to avoid possible problems in a future when more variables are
added to the YAML file and the regular expression becomes too broad and
starts manifesting a bug.

refs sysadmin#17849

refs sysadmin#17849

And while I'm at it, fixing the suite name for Buster.

There's no need anymore to configure APT when running Weblate CI tests:
now all packages are available in Bullseye and we use a Bullseye VM to
run tests.

This file was forgotten in the tree, and now the time has come to clean
it up!