fix: resolve PTY failure, MMDS file writes, and metrics instability in envd-rs

Three bugs fixed:

1. PTY connections failed because home directory was hardcoded as
   /home/{username} instead of reading from /etc/passwd. For root,
   this produced /home/root/ which doesn't exist — CWD validation
   rejected every PTY Start request without explicit cwd. Fixed all
   6 locations to use user.dir from nix::unistd::User.

2. MMDS polling silently failed to parse metadata because the
   logs_collector_address field lacked #[serde(default)]. The host
   agent only sends instanceID + envID — missing "address" field
   caused every deserialize attempt to fail, so .WRENN_SANDBOX_ID
   and .WRENN_TEMPLATE_ID were never written. Also added error
   logging and create_dir_all before file writes.

3. Metrics CPU values were non-deterministic because a fresh
   sysinfo::System was created per request with a 100ms sleep
   between reads. Replaced with a background thread that samples
   CPU at fixed 1-second intervals via a persistent System instance,
   matching gopsutil's internal caching behavior. Metrics endpoint
   now reads cached atomic values — no blocking, consistent window.

Also: close master PTY fd in child pre_exec, add process.Start
request logging, bump version to 0.2.0.

envd-rs/src/http/files.rs

@@ -95,7 +95,7 @@ pub async fn get_files(
         Err(e) => return json_error(StatusCode::UNAUTHORIZED, &e),
     };
 
-    let home_dir = format!("/home/{}", user.name);
+    let home_dir = user.dir.to_string_lossy().to_string();
     let resolved = match expand_and_resolve(path_str, &home_dir, state.defaults.workdir.as_deref())
     {
         Ok(p) => p,
@@ -246,7 +246,7 @@ pub async fn post_files(
         Err(e) => return json_error(StatusCode::UNAUTHORIZED, &e),
     };
 
-    let home_dir = format!("/home/{}", user.name);
+    let home_dir = user.dir.to_string_lossy().to_string();
     let uid = user.uid;
     let gid = user.gid;