jetify-com / devbox

Instant, easy, and predictable development environments
https://www.jetify.com/devbox/
Apache License 2.0
8.19k stars 192 forks

nixcache: configure auth with `devbox cache configure` #1961

Closed gcurtis closed 4 months ago

gcurtis commented 4 months ago

Depends on #1959 and #1960. The diff contains commits from those PRs.


Add a hidden devbox cache configure command that sets up Nix so it can authenticate with a private Devbox cache. This is a first step. Ultimately, we'd like to do this configuration automatically before building. We just need to make sure we don't re-prompt the user for sudo or slow down commands like devbox run or devbox shell.

Configuring auth goes as follows:

  1. Check to see if the Nix daemon is running. If it isn't, we don't need to do anything.
  2. Otherwise, we check to see if ~root/.aws/config exists. If it does, we assume that we've already configured the root user's AWS credentials. This won't handle situations where the user already has a root AWS config and can be improved.
  3. If the AWS config doesn't exist, prompt the user to escalate to root. If they say yes, relaunch devbox cache configure.
  4. The new devbox process running as root writes an AWS config file that tells the AWS CLI/SDKs to authenticate by running devbox cache credentials.

Note that we need to use the default AWS profile. There's a bug in Nix where non-default profiles (specified in the S3 URI with ?profile=devbox) don't use the default credential chain. If this gets fixed, we should use a separate profile so that we don't interfere with any AWS options set by the user (although hopefully this is rare for root).
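
As an added example, not devbox's own code, the following Go program models the four-step procedure above and the default-profile note, so the decision logic and the written file can be exercised offline. It assumes step 4 is implemented with the AWS CLI/SDK `credential_process` setting (the standard hook for obtaining credentials from an external command), and the names `Env`, `Decide`, `AWSConfig` and `WriteAWSConfig` are hypothetical. Privilege escalation is represented only as a returned action; the file is written with owner-only permissions and never overwrites an existing config, matching the step-2 assumption that an existing `~root/.aws/config` means "already configured".

```go
// Added example (not devbox's own code): models the auth configuration steps
// from the PR description and writes the AWS config that delegates credential
// lookup to `devbox cache credentials` through credential_process.
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// Action is the outcome of the decision procedure (hypothetical type).
type Action int

const (
	ActionNothing     Action = iota // step 1: Nix daemon not running, nothing to do
	ActionAlreadyDone               // step 2: ~root/.aws/config exists, assume configured
	ActionEscalate                  // step 3: prompt for root and relaunch `devbox cache configure`
	ActionWriteConfig               // step 4: running as root with no config, write it
)

func (a Action) String() string {
	return [...]string{"nothing", "already-configured", "escalate", "write-config"}[a]
}

// Env captures the facts the procedure inspects. Real code would probe the
// daemon socket and call os.Geteuid(); plain fields keep this testable offline.
type Env struct {
	DaemonRunning    bool
	RootConfigExists bool
	IsRoot           bool
}

// Decide implements steps 1-4 in order.
func Decide(e Env) Action {
	if !e.DaemonRunning {
		return ActionNothing
	}
	if e.RootConfigExists {
		return ActionAlreadyDone
	}
	if !e.IsRoot {
		return ActionEscalate
	}
	return ActionWriteConfig
}

// AWSConfig renders the file written in step 4. The [default] profile is used
// deliberately because of the Nix bug described in the PR: a ?profile= setting
// in the S3 URI does not fall back to the default credential chain.
func AWSConfig() string {
	return "[default]\ncredential_process = devbox cache credentials\n"
}

// WriteAWSConfig writes the config under homeDir (~root in practice) with
// owner-only permissions. O_EXCL refuses to clobber an existing file, so a
// user's own root AWS config is never silently replaced.
func WriteAWSConfig(homeDir string) (string, error) {
	dir := filepath.Join(homeDir, ".aws")
	if err := os.MkdirAll(dir, 0o700); err != nil {
		return "", err
	}
	path := filepath.Join(dir, "config")
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
	if err != nil {
		return "", fmt.Errorf("aws config: %w", err) // wraps os.ErrExist if present
	}
	defer f.Close()
	if _, err := f.WriteString(AWSConfig()); err != nil {
		return "", err
	}
	return path, nil
}

func main() {
	// Constructed environment: daemon up, no root config yet, current euid decides.
	env := Env{DaemonRunning: true, RootConfigExists: false, IsRoot: os.Geteuid() == 0}
	fmt.Println("action:", Decide(env))

	// Demonstrate the write into a temp dir instead of ~root.
	home, err := os.MkdirTemp("", "devbox-cache-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(home)
	path, err := WriteAWSConfig(home)
	fmt.Println("wrote:", path, "err:", err)
	_, err = WriteAWSConfig(home)
	fmt.Println("second write err:", err) // refused: file already exists
}
```

Run it with `go run .`; the second `WriteAWSConfig` call fails on purpose, which is the same property a real implementation relies on when it treats an existing `~root/.aws/config` as "already configured" in step 2.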