feat: add support for rotating jwt keys This allows jwt_secret to have multiple ',' separated secrets. The first/leftmost should be used to sign new JWTs. All of them are used (starting from left/newest) to try to verify a JWT. If the first secret is < 32 chars in length JWTs are disabled. If any of the other secrets are < 32 chars, the configuration code causes the software to exit. This prevents insecure (too short) secrets from being used. Updated doc examples and tests.

#! /bin/sh

# if there are multiple trackers, d=demo t=tracker ...
# returns last one for testing that server is up. Does not test
# each tracker.
tracker=$(ps -ef | sed -ne '/roundup-server/s/^.*\s\(\w*\)=.*$/\1/p')
wget -q -O /dev/null --proxy off --no-verbose http://localhost:8080/"${tracker:-demo}"/