Problem
At the beginning of the project it was reasoned that pwning dashboard => getting access to all apps => running as non-root doesn't matter. This is not entirely true. pwning all selfhost apps and pwning whole system are not the same thing. The user could run other non-selfhost stuff on the machine and it's not nice that we're making it more vulnerable (even if probably not the case today).
Solution
Create a separate command-line application called selfhost-open that launches open scripts. This application will be owned by root, have group set to selfhost-open-app and mode 4750. It will accept three parameters: name of the app, name of the user, prefix (optional). If prefix is not given, it will run get_default_domain.sh to figure it out.
selfhost-dashboard will run as a separate user added to selfhost-open-app group. It will exec selfhost-open whenever trying to determine the redirect location. We're already running an external command so the code will not be more complex. selfhost-open can be written mostly using existing code in selfhost-dashboard.
We will also need an upgrade script to provide migration from previous version - we will need to fix file permissions in /etc/selfhost-dashboard.
Nice side effect
This will also allow people to launch apps from CLI, without selfhost-dashboard. It may be helpful for paranoid people or for some exotic dashboard alternative using SSH or whatever.
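
Added example, not part of the issue or the project's code: with mode 4750 and owner root, selfhost-open runs as root while being invoked by the less-privileged dashboard user, so its three parameters and its environment are untrusted input. This Rust sketch validates the parameters and builds the script invocation with a cleared environment; the script directory, the name rules and the arguments handed to the open script are assumptions.

```rust
use std::path::PathBuf;
use std::process::Command;

// Hypothetical script directory; the issue does not say where open scripts live.
const OPEN_SCRIPT_DIR: &str = "/usr/share/selfhost-open/apps";

#[derive(Debug, PartialEq)]
pub struct Request {
    pub script: PathBuf,
    pub user: String,
    pub prefix: Option<String>, // None => caller falls back to get_default_domain.sh
}

// Assumed rule: short lowercase identifier. Rules out '/', "..", NUL and a leading '-'.
fn is_safe_name(s: &str) -> bool {
    let b = s.as_bytes();
    !b.is_empty() && b.len() <= 64 && b[0].is_ascii_lowercase()
        && b.iter().all(|c| c.is_ascii_lowercase() || c.is_ascii_digit() || matches!(*c, b'-' | b'_'))
}

// `args` is argv without the program name: APP USER [PREFIX], all caller-controlled.
pub fn parse_args(args: &[String]) -> Result<Request, String> {
    if args.len() < 2 || args.len() > 3 {
        return Err("usage: selfhost-open APP USER [PREFIX]".into());
    }
    if !is_safe_name(&args[0]) { return Err("invalid app name".into()); }
    if !is_safe_name(&args[1]) { return Err("invalid user name".into()); }
    let prefix = match args.get(2) {
        // Assumed rule: printable ASCII, no whitespace, bounded length.
        Some(p) if !p.is_empty() && p.len() <= 255 && p.bytes().all(|c| c.is_ascii_graphic()) => Some(p.clone()),
        Some(_) => return Err("invalid prefix".into()),
        None => None,
    };
    // The app name is a single validated path component, so join() cannot escape the directory.
    Ok(Request { script: PathBuf::from(OPEN_SCRIPT_DIR).join(&args[0]), user: args[1].clone(), prefix })
}

// Build the invocation with an empty environment and a fixed PATH, never the caller's.
// Passing USER and PREFIX as positional arguments is an assumption about the open script.
pub fn build_command(req: &Request, default_prefix: &str) -> Command {
    let mut cmd = Command::new(&req.script);
    cmd.env_clear().env("PATH", "/usr/sbin:/usr/bin:/sbin:/bin");
    cmd.arg(&req.user).arg(req.prefix.as_deref().unwrap_or(default_prefix));
    cmd
}
```
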