Many of our log messages were being used to generate metrics, but are
now being aggregated and logged to a separate metrics log file and so we
don't need them in the regular logs anymore.

This addresses the goal of ticket #30830, to remove unecessary messages
and keep broker logs for debugging purposes.

The broker /debug page was displaying proxy IDs and roundtrip times. As
serna pointed out in bug #31460, the proxy IDs can be used to launch a
denial of service attack. As the metrics team pointed out on #21315, the
round trip time average can be potentially sensitive.

This change displays only proxy counts and uses ID lengths to
distinguish between standalone proxy-go instances and browser-based
snowflake proxies.

This implements a handler at https://[snowflake-broker]/metrics for the
snowflake collecTor module to fetch stats from the broker. Logged
metrics are copied out to the response with a text/plain; charset=utf-8
content type. This implements bug #31376.

Updated the tests to pass with our new snowflake-ips-total stat

Added another metrics item that counts the total availabel snowflakes
(unique by IP address)

- removed trailing ","s
- removed unecessary space before seconds

Also moved the geoip check to occur after we've make sure the proxy IP
hasn't yet been recorded. This is will cut down on unecessary
computation.

Added unit tests for metrics logging. Refactored the logMetrics()
function to allow for easier testing

Change it so that we log the geoip country code of proxies if they poll
within the current metrics epoch. We make sure we log by unique IP
address

Output is now printed out in Tor Directory Protocol Format, as specified
in https://trac.torproject.org/projects/tor/ticket/21315#comment:19.

Added three new metrics:
- proxyIdleCount counts the number of times a proxy polls and receives
no snowflakes
- clientDeniedCount counts the number of times a client requested a
snowflake but none were available
- clientProxyMatchCount counts the number of times a client successfully
received a snowflake

Set the resolution of metrics data collection to be every 24 hours

So far, we request a certificate each time we start the broker.  Let's
Encrypt maintains several rate limiters and if we exceed one of them, we
won't get a certificate.  Worse, since we don't store certificates, we
won't even be able to use an old one.

This patch uses autocert's DirCache structure to cache certificates on
disk.

This patch fixes <https://bugs.torproject.org/30512>.

MaxBytesReader is only documented for server side reads, so we're using
a local limitedRead function instead that uses an io.LimitedReader.

Declared limits in a commented constant

This is a fix for #26348

NewBrokerContext now requires a logger so give it one to discard the
logs.

Previously the metrics log file was hardcoded and the broker wasn't
behaving properly if it was unable to open the file for logging.

Added a commandline option to specify the logfile that defaults to
Stdout.

Fixed up some documentation and log output formatting

For now we can just log the proxy geoip statistics locally

Implemented geoip lookups for the snowflake broker. This heavily based off of how tor maps IP addresses to country codes, and relies on the provided ipv4 and ipv6 files.

Updated robots.txt file to disallow crawling as in ticket #29565.

Removed raw bytes of ICE answers from broker logs and the SDP stanzas
from the client logs

This is needed since the recent removal of the TLS-SNI challenge types.
https://community.letsencrypt.org/t/tls-sni-challenges-disabled-for-most-new-issuance/50316
The HTTP-01 challenge type requires an additional listener on port 80.

Had been removed in 2a46db2c and was
erroneously restored in the merge
36debdfd.

Doesn't seem to be used anywhere; may have been inherited from flash
proxy.

Replaces --cert and --key with --acme-hostnames and --acme-email.