feat: Sys extension management

[mudler]

Is your feature request related to a problem? Please describe.
currently it's hard to determine in a running system the installed system extension that are enabled for the current boot entry (active or passive), similarly, for upgrading the systextensions it is adviced to do that manually by entering the efi partition and replacing files accordingly.

Describe the solution you'd like
A way to list and manage sysextensions in the system, for example:

# shows sysexts in the active boot
kairos sysext list --active


# shows sysext available when booting in passive
kairos sysext list --passive

# Install/upgrade/removal of sysext
kairos sysext install --active <sysext path>
kairos sysext upgrade --active <sysext path>
kairos sysext remove --all <sysext> 

Additionally the sysext path could be a reference to an oci image rather to a local path.

Describe alternatives you've considered
Keep things manual

Additional context
https://kairos.io/docs/advanced/sys-extensions/#building-system-extensions-from-a-docker-image-with-auroraboot

[Itxaka]

Some more context

• sysext extensions can be seen with the systemd-sysext status command. Show only working ones, so it ignores broken or unsigned ones
• currently no difference between active/passive extensions if they are bundled with the install media, they are applied to both
• kairos sysext upgrade --active <sysext path> should be kairos sysext upgrade --active <sysext path> <source for upgrade> as you need to know both the one that has to be upgraded and where the upgrade comes from.
• we may be able to infer the name and version from the filename, but otherwise no idea how we can get some info like systemd-dissect does (which shows a lot of info!) Would be nice to know how to