On Darwin, launchd may attempt to start agents before the Nix store is
mounted and available. This leads to failures when the agent's executable
or arguments reside in the Nix store.
This change wraps the agent's command in a shell script that uses
/bin/wait4path to ensure /nix/store is ready before executing the
original program. It also ensures that ProgramArguments are correctly
escaped and concatenated.
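
The wrapping and escaping described above, sketched as an added example (not code from this change): each element of the agent's argument list is single-quoted before being joined into one command string behind the `/bin/wait4path /nix/store` check. The function names, the sample agent path, and passing the resulting string to `/bin/sh -c` are assumptions.

```shell
#!/bin/sh
# Added example: build a "wait for the store, then exec" command string.

# Quote one argument for POSIX sh: wrap it in single quotes and rewrite each
# embedded ' as '\''. The trailing "x" sentinel keeps command substitution
# from dropping newlines at the end of the argument.
sh_quote() {
    q=$(printf '%sx' "$1" | sed "s/'/'\\\\''/g")
    printf "'%s'" "${q%x}"
}

# build_wrapper WAIT_BIN STORE_PATH PROGRAM [ARG...]
# Emits: 'WAIT_BIN' 'STORE_PATH' && exec 'PROGRAM' 'ARG'...
# "exec" replaces the shell, so launchd supervises the real program, and
# "&&" means nothing runs if the wait step fails.
build_wrapper() {
    wait_bin=$1
    store=$2
    shift 2
    cmd="$(sh_quote "$wait_bin") $(sh_quote "$store") && exec"
    for arg in "$@"; do
        cmd="$cmd $(sh_quote "$arg")"
    done
    printf '%s' "$cmd"
}

# Constructed sample agent; the store path is a placeholder, not a real one.
build_wrapper /bin/wait4path /nix/store \
    /nix/store/EXAMPLE-agent/bin/agent --label "it's a test" '$HOME; echo'
echo
```

Without the quoting step, an argument containing spaces, quotes, `$` or `;` would be re-parsed by the wrapper shell and change what the agent runs.
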
- restructure module from `podman-linux` to platform-agnostic `podman`
- move Linux-specific implementation to `modules/services/podman/linux/`
- add Darwin module with declarative machine management
- implement launchd-based watchdog for auto-starting machines
- maintains backward compatibility with existing Linux functionality