o consolidate "unbound_" prefix for unbound.inc for pluginification
o services.inc includes unbound.inc rightfully, a bit like a
  plugin would do in the future, but this also means we can
  zap all requires from top pages, which are entirely spurious.
o get_dns_servers() moves to system.inc because it is used by
  status_interfaces.php
o RIP read_hosts()

According to manuals and other project's code this should work as
expected, but to make sure we just advertise the name without a
default.

While there, clean up the config file generation and a few printf
bits that really shouldn't be in there.

PR: https://github.com/opnsense/core/issues/1250

(legacy) ditch get_possible_traffic_source_addresses(), https://github.com/opnsense/core/issues/1257

Some minor tweaks in the file, e.g. we shouldn't use gettext()
for most tings, don't need translations in config files or for
strings that are hardly translatable (OpenVPN).

This was done in early 16.7, seems to work fine so finish the
transition, dnsmasq is next...

Controls only reload the service, the reconfigure page is in charge of
tracing down dependencies...

There may be more, at least I don't see the difference between
TLS and shared key for most settings, except certificate setup.

The client traffic redirect is probably also wrong, but for now
provide consistency with TLS.

PR: https://forum.opnsense.org/index.php?topic=3908.0

o > 16 hours of randomisation is too much, let cron jobs
  run within 15 minutes.
o Move to `jot' utility for better visibility/portability.
o switch the default bogons invoke to right now, only
  defer the run if `cron' argument was given.

(it's complicated)

There's more we can do with this, but let this sink in for a bit.

The main goal was to provide all changelogs, signed and verified,
to be resilient against phishing attacks on mirrors or MITM means.

Submitted by: @fbrendel