Draft: use `systemd-nspawn` to chroot into the target, superseding `arch-chroot`

The idea comes from @foxboron on IRC. systemd-nspawn handles bind mounts and things like resolv.conf more robustly, and thus makes our job easier. However, this needs further testing e.g. it blocks some syscalls by default, which is very likely not desired for an installation environment.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Draft: use `systemd-nspawn` to chroot into the target, superseding `arch-chroot`