refactor tor services

Instead of having just 'service' tor, we should split this out into the following (see discussion on !117 (closed)):

tor_exit:
    can also be a relay
    must have OrPort
    should have Address, ContactInfo, NickName, BandwidthRate, MyFamily
    should have an exit policy defined that is not "ExitPolicy reject *:*" and ExitPolicy reject6 *:* 
    should not have ExitRelay 0

tor_relay:
    can also be an exit
    must have OrPort (cannot operate as a relay without it)
    should have Address, ContactInfo, NickName, BandwidthRate, MyFamily
    should not have an exit policy other than ExitPolicy reject *:* and ExitPolicy reject6 *:*, unless it is also an exit (but an ExitPolicy is ignored if 'ExitRelay 0' is set)
    must not have ExitRelay 0, if it is not also an exit, but put ExitRelay 0 if it should not be an exit

tor_hidden_service

    really should *not* be a relay, or an exit
    must not have: ORPort, Address, ContactInfo, Nickname, BandwidthRate, MyFamily
    must not have an exit policy other than ExitPolicy reject *:* and ExitPolicy reject6 *:* (but an ExitPolicy is ignored if 'ExitRelay 0' is set)
    must have ExitRelay 0 (except in newer tor versions than in jessie)
    must have HiddenServiceDir, HiddenServicePort defined