Implement config_command support in Praefect

Gitaly supports reading the configuration in part or full from a command: https://docs.gitlab.com/ee/administration/gitaly/configure_gitaly.html#generate-configuration-using-an-external-command. This is especially useful for passing secrets to Gitaly. The user provided config command can decrypt any secrets and pass them in plain text to Gitaly over its stdout. This ensures there are no plain text secrets on the disk.

We don't have a similar mechanism for Praefect which means that the TLS certificates for now need to be passed to Praefect in plain text. Let's implement the same mechanism in Praefect to also support passing secrets without having them in plain text on the disk.