Store maubot configuration separately from data

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894

Because the configuration file is now mounted as readonly and maubot tries to update it on start,
we get this warning:
> Failed to create tempfile to write updated config to disk: [Errno 30] Read-only file system: '/config/tmpfa8vcb3y.yaml'

It doesn't seem to cause issues though.

Because the configuration is no longer overwritten on every bot start, each
next Ansible run should no longer overwrite it again and report a
"changed" task.

roles/matrix-bot-maubot/tasks/setup_install.yml

@@ -9,6 +9,7 @@
     group: "{{ matrix_user_groupname }}"
   with_items:
     - {path: "{{ matrix_bot_maubot_base_path }}", when: true}
+    - {path: "{{ matrix_bot_maubot_config_path }}", when: true}
     - {path: "{{ matrix_bot_maubot_data_path }}", when: true}
     - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true}
     - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true}
@@ -19,7 +20,7 @@
 - name: Ensure maubot configuration file created
   ansible.builtin.template:
     src: "{{ role_path }}/templates/config/config.yaml.j2"
-    dest: "{{ matrix_bot_maubot_data_path }}/config.yaml"
+    dest: "{{ matrix_bot_maubot_config_path }}/config.yaml"
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_groupname }}"
     mode: "u=rwx"

roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2

@@ -21,16 +21,17 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--read-only \
 			--cap-drop=ALL \
-			-v {{ matrix_bot_maubot_data_path }}:/data:z \
+			--mount type=bind,src={{ matrix_bot_maubot_config_path }},dst=/config,ro \
+			--mount type=bind,src={{ matrix_bot_maubot_data_path }},dst=/data \
 			{% for arg in matrix_bot_maubot_container_extra_arguments %}
 			{{ arg }} \
 			{% endfor %}
 			--network={{ matrix_docker_network }} \
-            {% if matrix_bot_maubot_management_interface_http_bind_port | bool %}
+            {% if matrix_bot_maubot_management_interface_http_bind_port %}
             -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316
             {% endif %}
 			{{ matrix_bot_maubot_docker_image }} \
- 			python3 -m maubot -c /data/config.yaml
+ 			python3 -m maubot -c /config/config.yaml
 
 ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true'
 ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true'