ovs-ctl: Fix inability to set custom options for ovs-monitor-ipsec.

Commit in the fixes tag added support for using custom ipsec.conf with
ovs-monitor-ipsec, but it didn't provide a way to use those options
via ovs-ctl.  This makes it not possible to use these options from a
systemd unit, for example.

Fix that by adding --ovs-monitor-ipsec-options knob to ovs-ctl and
allowing OPTIONS to be passed via sysconfig.

Our Debian units are using StrongSwan, so they do not need these
Libreswan-specific options, however, it's better to keep systemd
integration similar to Fedora/RHEL.  There is at least one other
option that can be used with StrongSwan.

Only the Debian init file is updated, because we don't have IPsec
support for init in Fedora/RHEL.

There is a line length warning in the example, but it's hard to split
it into multiple lines, and I think, it's a good configuration example
to provide.

Fixes: 09d7c5ac00 ("ipsec: Add support for using non-root ipsec.conf.")
Acked-by: Frode Nordahl <fnordahl@ubuntu.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>

rhel/usr_lib_systemd_system_openvswitch-ipsec.service

@@ -7,8 +7,10 @@ After=openvswitch.service
 Type=forking
 PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid
 Restart=on-failure
+EnvironmentFile=/etc/openvswitch/default.conf
+EnvironmentFile=-/etc/sysconfig/openvswitch
 ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \
-                    --ike-daemon=libreswan start-ovs-ipsec
+                    --ike-daemon=libreswan start-ovs-ipsec $OPTIONS
 ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec
 
 [Install]