a6eaad9a (software/ors-amarisoft: add network_name parameter) updated
enb.jinja2.cfg and gnb.jinja2.cfg to require slap_configuration['configuration.com_addr']
and other parameters to be present, but did not updated
slapos-render-confg, which got broken as the result:

    (py3.venv) kirr@deca:~/src/wendelin/slapos/slapos/software/ors-amarisoft$ python slapos-render-config.py
    ...
    Traceback (most recent call last):
      File "/home/kirr/src/wendelin/slapos/slapos/software/ors-amarisoft/slapos-render-config.py", line 232, in <module>
        f.write(r._render().decode())
                ^^^^^^^^^^^
      File "/home/kirr/src/wendelin/slapos/slapos/software/ors-amarisoft/slapos-render-config.py", line 206, in _render
        return template_object.render(**self.context).encode(self.encoding)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/home/kirr/src/wendelin/venv/py3.venv/lib/python3.11/site-packages/jinja2/environment.py", line 1301, in render
        self.environment.handle_exception()
      File "/home/kirr/src/wendelin/venv/py3.venv/lib/python3.11/site-packages/jinja2/environment.py", line 936, in handle_exception
        raise rewrite_traceback_stack(source=source)
      File "config/gnb.jinja2.cfg", line 62, in top-level template code
        com_addr: "{{ slap_configuration['configuration.com_addr'] }}:{{ slap_configuration['configuration.com_ws_port'] }}",
      ^^^^^^^^^^^^^^^^^^^^^^^^^
    jinja2.exceptions.UndefinedError: 'dict object' has no attribute 'configuration.com_addr'

-> Fix it.

In Wendelin we mostly always want to run our zopes with the soft limit
set to the hard limit.

erp5@d8b5b910 added the functionality to ERP5 to
set its soft limit of allowed open file descriptors to the system wide hard limit.
This parameter is useful for Wendelin based instances where the 1024
limit is easily reached.

With this patch, this parameter can also be set via SlapOS, which
simplifies usage of the Wendelin SR.

See merge request nexedi/slapos!1460

Cover a case of not adding needless trailing / while accessing a backend from
top level of the URL.

As / are stripped while parsing the url, expose the situation that even if
url ends with a /, it won't be sent for top level access.

Here is the mapping of configured URL, path accessed on the CDN side and path
sent to the backend:

 * backend/index.html   frontend/     index.html
 * backend/index.html   frontend/a    index.html/a
 * backend/index.html   frontend/a/   index.html/a/
 * backend/index.html/  frontend/     index.html
 * backend/index.html/  frontend/a    index.html/a
 * backend/index.html/  frontend/a/   index.html/a/

During my recent work I needed to use path for generated interpreter in
several places and found the need to repeat
${buildout:bin-directory}/${python-interpreter:interpreter} both tiring
and error-prone, because the knowledge where executable is placed
is implicitly used and relied upon.

On the other hand:

- pygolang already provides ${gpython:exe} as reference to the place
  where gpython is installed (see e1d269b4)

- pygolang already uses :exe for interpreter generated to accompany
  pyprog (see 0ee52376 and e328aa49)

So python-interpreter not providing :exe is an oversight and the logical
fix is to start providing python-interpreter:exe as well.

-> Do it and convert */software.cfg throughout the tree, where
python-interpreter is found, to use it.

/cc @jerome, @Tyagov, @alain.takoudjou, @xavier_thompson, @levin.zimmermann
/reviewed-on !1456

The new ghostscript could not decrypt some password protected files. It turned out to be a bug in ghostscript but in the process of investigating I thought it might be related to missing libidn that is also used in PDF passwords, so I added it.

See merge request nexedi/slapos!1455

Fixes decryption of some password protected PDFs

INFO configure: WARNING: unrecognized options: --disable-threadsafe

without libidn, decrypting password protected PDFs does not fully work.

This is a fixup of f6281e7a.

This fixes 3c514224

Since nginx 1.25.1 ssl directive has been dropped, so fix the configuration
template to work with 1.25.2.

Update nginx-push-stream to follow nginx API changes.

Will support zlib 1.3+

Extend PATH to make xzcat available.

Extend PATH to make xzcat available.