config.users to accept reading hashed password from a file

[jdheyburn]

To increase security, it may be beneficial to allow the user password to be defined via a password file (containing the hashed value) in the config file:

users:
  - name: admin
    passwordFile: /path/to/file

This would replace the existing users[].password field.

[ainar-g]

The environment could be used for that as well. But it should be noted here that in the v0.108 cycle we plan to finally allow people to change passwords from the UI instead of the rather roundabout CLI-only procedure they have to use now. And that means that AGH would need write access to the file.

[jdheyburn]

Perhaps AGH should only check for write permissions when a user changes their password via the UI, then raise an error if AGH cannot save.