Add a wait() call in main to improve fluent-bit behavior.
(Note: first working version with UEFI.)

Improve first working version.
(Note: last version before the first test on the capri002.)

Add more automation in overall and in install.sh.

Add project scan-filesystem (from Xavier Thompson's gitlab) which implements a filesystem scanner.
Modify Makefile and call to a script allow to compile it without linking it from Python functions.
Modify dracut.module/Makefile to compile scan-filesystem instead of Leo's Rust code.

1. add tests, but how?
2. use command to add key in bios
3. set bios password
4. how to check network if have no dhcp
...

git wont keep track of empty folders, therefore create it using the
Makefile.

The module is unsafe because it collects metadata while being
writable for files on the same system; It therefore cannot be
relied upon for security purposes. It will however allow to use
the agent for purposes of better system changes transparency where
malicious changes are not expected.

UEFI standard asks that UEFI applications are located in an
/EFI/vendor folder. We therefore place them within /EFI/Nexedi
inside the EFI System Partition.

Put our UEFI boot application just before the currently booted element in the list.

The Python msgpack library does not deserialize MsgPack data
created with Rust's rmp-serde well.

Upload to Computer Metadata Snapshot module recently created for
ERP5.

Currently GNU Guix does not support private git repos, so the
origin is only a placeholder until it works. The package otherwise
does work when supplying the origin from a local or public URL.

Also, only btrfs needs mountpoint if filesystem is mounted.

The .gitkeep file was getting into the debian package causing
spurious errors during install.

Using mountpoint instead of device is required to change the label
of a currently mounted filesystem.

To install the dracut module on your current system, change into
the dracut.module directory then run:

```
$ ERP5_USER="user" ERP5_PASS="pass" \
  ERP5_BASE_URL="https://example.local/erp5" \
  make
$ sudo make install
```

To uninstall:

```
$ sudo make uninstall
```

Then in a dracut.conf file, to include it you can add:

```
add_dracutmodules="metadata-collect"
```

You will also need to append "ip=dhcp rd.neednet=1" to the
kernel_cmdline directive inside the dracut.conf so that the
initramfs requests networking for the agent to upload results.

Make sure the dracut network modules are installed, on Debian
that is the dracut-network package.
You can otherwise check their presence using:

```
$ dracut --list-modules | grep network
```

There you should see a few modules.

With rustls it's easier to embed the root CA certificates inside
the compiled binary itself using the webpki-roots crate. We need to
do this because it's the easiest way of getting TLS certificate
validation working inside the initramfs where /etc/ssl/certs or
else does not exist.

In contradiction with Jean-Paul's guidelines on not using Rust due
to lack of knowledge about it inside Nexedi, I am using it here
because it is the fastest way for me to get a working standalone
static binary, I know that language best. Considering we must be
getting results ASAP, this is the best strategy for me. We may
later rewrite it in another language if necessary.

A shell script is included to build the static binary, you need
to install rustup to get rust for musl, an alternative libc that
allows to create real static binaries that embed libc itself too.

Rustup can be found at: https://rustup.rs/

You can get a musl toolchain with:
  $ rustup target add x86_64-unknown-linux-musl

The acl library is being downloaded and built as a static library
by the script, and the rust build system will also build a vendored
copy of openssl as a static library.

Parallel hashing is done a bit differently in that Rust version,
only files contained in the currently processed directories will be
hashed in parallel. If there is a single big file in a directory
hashing will be stuck on that file until it's done and it goes onto
the next directory. To clarify, each file is only hashed on a
single thread, the Python version also does this, it just keeps the
number of files being hashed in parallel to a constant number as
long as there is more files to process, this version will only hash
with one thread per file in the currently processed directory. It
was done that way for sake of simplicity but we can implement an
offload threadpool to mimick what was done in Python later on.

TODO: Find a way to properly increment version without having to
      store any additional state client-side

TODO: Investigate using HATEOAS to talk to ERP5

TODO: Investigate using TLS client certificates to authenticate,
      they would be stored in /boot and would prevent the machine
      from booting if they were invalid or missing so that
      tampering with them is not interesting for an attacker.
      Also, the certificate's Common Name should be the computer
      reference and therefore should be used to construct the
      metadata snapshot document's reference instead of having
      to specify it on the command line.