Port envd from e2b with internalized shared packages and Connect RPC

- Copy envd source from e2b-dev/infra, internalize shared dependencies
  into envd/internal/shared/ (keys, filesystem, id, smap, utils)
- Switch from gRPC to Connect RPC for all envd services
- Update module paths to git.omukk.dev/wrenn/{sandbox,sandbox/envd}
- Add proto specs (process, filesystem) with buf-based code generation
- Implement full envd: process exec, filesystem ops, port forwarding,
  cgroup management, MMDS integration, and HTTP API
- Update main module dependencies (firecracker SDK, pgx, goose, etc.)
- Remove placeholder .gitkeep files replaced by real implementations

envd/internal/permissions/authenticate.go

@@ -0,0 +1,47 @@
+package permissions
+
+import (
+	"context"
+	"fmt"
+	"os/user"
+
+	"connectrpc.com/authn"
+	"connectrpc.com/connect"
+
+	"git.omukk.dev/wrenn/sandbox/envd/internal/execcontext"
+)
+
+func AuthenticateUsername(_ context.Context, req authn.Request) (any, error) {
+	username, _, ok := req.BasicAuth()
+	if !ok {
+		// When no username is provided, ignore the authentication method (not all endpoints require it)
+		// Missing user is then handled in the GetAuthUser function
+		return nil, nil
+	}
+
+	u, err := GetUser(username)
+	if err != nil {
+		return nil, authn.Errorf("invalid username: '%s'", username)
+	}
+
+	return u, nil
+}
+
+func GetAuthUser(ctx context.Context, defaultUser string) (*user.User, error) {
+	u, ok := authn.GetInfo(ctx).(*user.User)
+	if !ok {
+		username, err := execcontext.ResolveDefaultUsername(nil, defaultUser)
+		if err != nil {
+			return nil, connect.NewError(connect.CodeUnauthenticated, fmt.Errorf("no user specified"))
+		}
+
+		u, err := GetUser(username)
+		if err != nil {
+			return nil, authn.Errorf("invalid default user: '%s'", username)
+		}
+
+		return u, nil
+	}
+
+	return u, nil
+}

envd/internal/permissions/keepalive.go

@@ -0,0 +1,29 @@
+package permissions
+
+import (
+	"strconv"
+	"time"
+
+	"connectrpc.com/connect"
+)
+
+const defaultKeepAliveInterval = 90 * time.Second
+
+func GetKeepAliveTicker[T any](req *connect.Request[T]) (*time.Ticker, func()) {
+	keepAliveIntervalHeader := req.Header().Get("Keepalive-Ping-Interval")
+
+	var interval time.Duration
+
+	keepAliveIntervalInt, err := strconv.Atoi(keepAliveIntervalHeader)
+	if err != nil {
+		interval = defaultKeepAliveInterval
+	} else {
+		interval = time.Duration(keepAliveIntervalInt) * time.Second
+	}
+
+	ticker := time.NewTicker(interval)
+
+	return ticker, func() {
+		ticker.Reset(interval)
+	}
+}

envd/internal/permissions/path.go

@@ -0,0 +1,96 @@
+package permissions
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"os/user"
+	"path/filepath"
+	"slices"
+
+	"git.omukk.dev/wrenn/sandbox/envd/internal/execcontext"
+)
+
+func expand(path, homedir string) (string, error) {
+	if len(path) == 0 {
+		return path, nil
+	}
+
+	if path[0] != '~' {
+		return path, nil
+	}
+
+	if len(path) > 1 && path[1] != '/' && path[1] != '\\' {
+		return "", errors.New("cannot expand user-specific home dir")
+	}
+
+	return filepath.Join(homedir, path[1:]), nil
+}
+
+func ExpandAndResolve(path string, user *user.User, defaultPath *string) (string, error) {
+	path = execcontext.ResolveDefaultWorkdir(path, defaultPath)
+
+	path, err := expand(path, user.HomeDir)
+	if err != nil {
+		return "", fmt.Errorf("failed to expand path '%s' for user '%s': %w", path, user.Username, err)
+	}
+
+	if filepath.IsAbs(path) {
+		return path, nil
+	}
+
+	// The filepath.Abs can correctly resolve paths like /home/user/../file
+	path = filepath.Join(user.HomeDir, path)
+
+	abs, err := filepath.Abs(path)
+	if err != nil {
+		return "", fmt.Errorf("failed to resolve path '%s' for user '%s' with home dir '%s': %w", path, user.Username, user.HomeDir, err)
+	}
+
+	return abs, nil
+}
+
+func getSubpaths(path string) (subpaths []string) {
+	for {
+		subpaths = append(subpaths, path)
+
+		path = filepath.Dir(path)
+		if path == "/" {
+			break
+		}
+	}
+
+	slices.Reverse(subpaths)
+
+	return subpaths
+}
+
+func EnsureDirs(path string, uid, gid int) error {
+	subpaths := getSubpaths(path)
+	for _, subpath := range subpaths {
+		info, err := os.Stat(subpath)
+		if err != nil && !os.IsNotExist(err) {
+			return fmt.Errorf("failed to stat directory: %w", err)
+		}
+
+		if err != nil && os.IsNotExist(err) {
+			err = os.Mkdir(subpath, 0o755)
+			if err != nil {
+				return fmt.Errorf("failed to create directory: %w", err)
+			}
+
+			err = os.Chown(subpath, uid, gid)
+			if err != nil {
+				return fmt.Errorf("failed to chown directory: %w", err)
+			}
+
+			continue
+		}
+
+		if !info.IsDir() {
+			return fmt.Errorf("path is a file: %s", subpath)
+		}
+	}
+
+	return nil
+}

envd/internal/permissions/user.go

@@ -0,0 +1,44 @@
+package permissions
+
+import (
+	"fmt"
+	"os/user"
+	"strconv"
+)
+
+func GetUserIdUints(u *user.User) (uid, gid uint32, err error) {
+	newUID, err := strconv.ParseUint(u.Uid, 10, 32)
+	if err != nil {
+		return 0, 0, fmt.Errorf("error parsing uid '%s': %w", u.Uid, err)
+	}
+
+	newGID, err := strconv.ParseUint(u.Gid, 10, 32)
+	if err != nil {
+		return 0, 0, fmt.Errorf("error parsing gid '%s': %w", u.Gid, err)
+	}
+
+	return uint32(newUID), uint32(newGID), nil
+}
+
+func GetUserIdInts(u *user.User) (uid, gid int, err error) {
+	newUID, err := strconv.ParseInt(u.Uid, 10, strconv.IntSize)
+	if err != nil {
+		return 0, 0, fmt.Errorf("error parsing uid '%s': %w", u.Uid, err)
+	}
+
+	newGID, err := strconv.ParseInt(u.Gid, 10, strconv.IntSize)
+	if err != nil {
+		return 0, 0, fmt.Errorf("error parsing gid '%s': %w", u.Gid, err)
+	}
+
+	return int(newUID), int(newGID), nil
+}
+
+func GetUser(username string) (u *user.User, err error) {
+	u, err = user.Lookup(username)
+	if err != nil {
+		return nil, fmt.Errorf("error looking up user '%s': %w", username, err)
+	}
+
+	return u, nil
+}