tripe-keys: Provide upload-hook for more complicated publishing.

The existing arrangement of writing the updated files to a local directory
are satisfactory for simple situations, but it's not actually desirable
to handle sensitive cryptographic keys (e.g., the TrIPE master key!) on
the same machine as a public-facing web server.

The upload-hook can contain an arbitrary shell-command, though it'll
typically be an invocation of rsync or similar.