feat: migrate m3-atlas from MinIO to RustFS

- Replace minio.nix with rustfs.nix using rustfs-flake NixOS module
- Add rustfs flake input (github:rustfs/rustfs-flake)
- Reuse same ports (API: 3008, Console: 3007) and data dir (/var/storage/s3)
- Add separate agenix secrets for access-key and secret-key
- Keep Traefik routes unchanged (s3.m3tam3re.com, minio.m3tam3re.com)
- MinIO had 6 unfixed CVEs and is abandoned upstream

secrets.nix

@@ -23,6 +23,8 @@ in {
   "secrets/kestra-config.age".publicKeys = systems ++ users;
   "secrets/kestra-env.age".publicKeys = systems ++ users;
   "secrets/minio-root-cred.age".publicKeys = systems ++ users;
+  "secrets/rustfs-access-key.age".publicKeys = systems ++ users;
+  "secrets/rustfs-secret-key.age".publicKeys = systems ++ users;
   "secrets/n8n-env.age".publicKeys = systems ++ users;
   "secrets/netbird-auth-secret.age".publicKeys = systems ++ users;
   "secrets/netbird-db-password.age".publicKeys = systems ++ users;