FFe: nginx: demote bin:libnginx-mod-http-geoip

In MIR bug #1861101 we want to bring into main the geoip2 library src:libmaxminedb. The MIR team agreed to that with some conditions, one of which is to demote the geoip1 legacy version of the library (src:geoip) in order to not have both in main. bin:libnginx-mod-http-geoip is one of the reverse-dependencies of bin:libgeoip1.

The main reason behind the src:libmaxminddb MIR is that bind9 9.16.x no longer uses the legacy geoip1 library, and has switched to the supported geoip2 one (src:libmaxminddb). Without this change, bind9 will lose the geoip features in focal. But it's also an opportunity to switch away from the legacy geoip1 library.

For the nginx case, bin:libnginx-mod-http-geoip is pulled in via bin:nginx-core which is in main, and bin:nginx-extras and bin:nginx-full which are in universe already.

The original plan was to just replace the dependency on libnginx-mod-http-geoip in bin:nginx-core with libnginx-mod-http-geoip2, but that can't happen immediately because the source code for libnginx-mod-http-geoip2 does not come from nginx itself[1][2], and thus is not subject to the MIR that brought nginx into main a while ago. We can't pull bin:libnginx-mod-http-geoip2 into main without another MIR for just that module, which will require a security review. I will file an MIR for that anyway, but we expect the security review to not get done in time for focal. UPDATE: that MIR is bug #1867198.

We then changed the plan to just demote bin:libnginx-mod-http-geoip to universe. This will allow src:geoip (the geoip1 legacy library) to be demoted, and the MIR team has agreed to that plan[3].

This means that bin:nginx-core will no longer have a dependency on any nginx geoip modules, legacy or otherwise, and thus represents a feature change.

I added a release notes task to the MIR bug #1861101 and the following scenarios about this change come to mind:

a) Since bin:nginx-core dropped the dependency on bin:libnginx-mod-http-geoip, if someone got it by installing bin:nginx-core, an "apt autoremove" might suggest that bin:libnginx-mod-http-geoip can be removed. If this happens, and there are still geoip configuration directives somewhere in /etc/nginx/**, nginx will fail to restart. Note that this would also happen had we replaced bin:libnginx-mod-http-geoip with bin:libnginx-mod-http-geoip2, as the configuration directives are different

b) If someone has just main enabled in < focal, with bin:nginx-core and bin:libnginx-mod-http-geoip installed, and release upgrades to focal, libnginx-mod-http-geoip won't be upgraded because it's in focal/universe.

Attached is the proposed change to nginx, from https://bugs.launchpad.net/ubuntu/+source/libmaxminddb/+bug/1861101/comments/14

PPA with a test build, together with bind9 already linking with libmaxminddb:

https://launchpad.net/~ahasenack/+archive/ubuntu/bind9-geoip

1. https://bugs.launchpad.net/ubuntu/+source/libmaxminddb/+bug/1861101/comments/10
2. https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1825895
3. https://bugs.launchpad.net/ubuntu/+source/libmaxminddb/+bug/1861101/comments/18