In multiRU we will need to be able to check multiple radio units for RX saturation separately.

-> As a preparatory step adjust the SR to explicitly specify the list of RX antennas to be verified.

This patch is necessary because in nexedi/slapos.toolbox!126
we adjust check_rx_saturated plugin to require list of RX channels to check to be
explicitly specified.

/cc @tomo, @xavier_thompson, @Daetalus
/reviewed-by @jhuge, @lu.xu
/reviewed-on nexedi/slapos!1459

In multiRU we will need to be able to check multiple devices and DMA channels,
not only /dev/sdr0@0 that was implicitly used until now.

-> As a preparatory step adjust the SR to explicitly specify which SDR resource is being verified.

This patch is necessary because in nexedi/slapos.toolbox!125
we adjust check_sdr_busy plugin to require SDR device/DMA channel to be
explicitly specified.

/cc @lu.xu, @tomo, @xavier_thompson, @Daetalus
/reviewed-by @jhuge
/reviewed-on nexedi/slapos!1458

also stop enabling pip user installation, this breaks slapos isolation too much

See merge request nexedi/slapos!1464

This reverts commit 6f167c36.

This causes issues that unexpectly slapos python processes use user
installed packages. This was to accomodate python extension prompting
user to install packages for them, but current version of the extension
no longer seem to do this.

See merge request nexedi/slapos!1460

Cover a case of not adding needless trailing / while accessing a backend from
top level of the URL.

As / are stripped while parsing the url, expose the situation that even if
url ends with a /, it won't be sent for top level access.

Here is the mapping of configured URL, path accessed on the CDN side and path
sent to the backend:

 * backend/index.html   frontend/     index.html
 * backend/index.html   frontend/a    index.html/a
 * backend/index.html   frontend/a/   index.html/a/
 * backend/index.html/  frontend/     index.html
 * backend/index.html/  frontend/a    index.html/a
 * backend/index.html/  frontend/a/   index.html/a/

During my recent work I needed to use path for generated interpreter in
several places and found the need to repeat
${buildout:bin-directory}/${python-interpreter:interpreter} both tiring
and error-prone, because the knowledge where executable is placed
is implicitly used and relied upon.

On the other hand:

- pygolang already provides ${gpython:exe} as reference to the place
  where gpython is installed (see e1d269b4)

- pygolang already uses :exe for interpreter generated to accompany
  pyprog (see 0ee52376 and e328aa49)

So python-interpreter not providing :exe is an oversight and the logical
fix is to start providing python-interpreter:exe as well.

-> Do it and convert */software.cfg throughout the tree, where
python-interpreter is found, to use it.

/cc @jerome, @Tyagov, @alain.takoudjou, @xavier_thompson, @levin.zimmermann
/reviewed-on nexedi/slapos!1456

The new ghostscript could not decrypt some password protected files. It turned out to be a bug in ghostscript but in the process of investigating I thought it might be related to missing libidn that is also used in PDF passwords, so I added it.

See merge request nexedi/slapos!1455

Fixes decryption of some password protected PDFs

INFO configure: WARNING: unrecognized options: --disable-threadsafe

without libidn, decrypting password protected PDFs does not fully work.

This is a fixup of f6281e7a.

This fixes 3c514224

Since nginx 1.25.1 ssl directive has been dropped, so fix the configuration
template to work with 1.25.2.

Update nginx-push-stream to follow nginx API changes.

Will support zlib 1.3+

Extend PATH to make xzcat available.