Migrate the Tails infra monitoring to Prometheus

Reference: TPA-RFC-73: Tails infra merge roadmap - Monitoring

Blocked by:

• TPA-RFC-77: plan Merge of Tails' and Tor's Pupp... (#41948 - closed)

To-do

• add the Prometheus servers to the Tails VPN → puppet-control!204
• add profile::prometheus::node_exporter to all Tails nodes:
  • stone.tails.net (the "masterless" node, can't rely on exported resources for firewalling)
  • Jenkins agents (blocked by prometheus-alerts!91 (merged))
  • all the rest
• remove the feature::prometheus feature-flag
• migrate:
  • OpenPGP keys → tails!2614
  • websites
  • .onion websites
  • SMTP
  • .onion SMTP
  • DNS
  • Tails mirrors speeds
  • Tails image download
  • TLS certs
  • APT repos' {packages,references}.db sizes
  • Backups?
• retire ecours.tails.net
• configure unattended-upgrades to not send email (see this thread)