refactor(orchestrator): collapse decnet-emailgen.service into orchestrator

Stage 5 of the realism migration. Email generation is no longer a
separate worker / systemd unit / CLI subcommand — the orchestrator's
single tick loop covers SSH traffic, file plants, and email drops.
Going from 21 services to 20.

Worker:
- _one_tick rolls between traffic / file / email (45/45/10 weights).
  The 10% email weight at a 60s orchestrator interval produces ~one
  email per 10 minutes, close to the pre-collapse 5-minute cadence.
- get_driver_for(action) (stage 4) handles SSH vs Email dispatch.
- Quiet branches fall through so a (decky-set, persona-pool,
  mail-decky) shape that silences one branch doesn't waste the tick.
- Periodic prune covers both orchestrator_events and
  orchestrator_emails tables.

Deletions:
- deploy/decnet-emailgen.service.j2
- decnet/orchestrator/emailgen/worker.py
- decnet/cli/emailgen.py
- tests/orchestrator/emailgen/test_worker_integration.py

Renames (history-preserving):
- decnet/web/router/emailgen/ -> decnet/web/router/realism/
- tests/api/emailgen/        -> tests/api/realism/
- tests/cli/test_emailgen_*  -> tests/cli/test_realism_*

Public surface changes (clean break, pre-v1):
- API URL /api/v1/emailgen/personas -> /api/v1/realism/personas
- CLI `decnet emailgen import-personas` -> `decnet realism
  import-personas`. `decnet emailgen run` is gone — the orchestrator
  covers it.
- gating.py: emailgen master-only group replaced by realism.
- decnet-orchestrator.service.j2: DECNET_REALISM_* env block added.
- decnet.target: decnet-emailgen.service entry removed.
- frontend: PersonaGeneration.tsx fetches /realism/personas.

decnet/orchestrator/emailgen/__init__.py

@@ -1,33 +1,20 @@
-"""Emailgen — second orchestrator worker.
+"""Emailgen — email-specific delivery, scheduling, and threading.
 
-Generates fake corporate emails (multi-language, threaded, persona-driven)
-and drops them into mail-decky maildirs so attackers landing on
-IMAP/POP3 honeypots find believable mailboxes instead of empty inboxes.
+After stage 5 of the realism migration, ``emailgen`` is no longer a
+separate worker / systemd unit / CLI subcommand.  It exposes:
 
-The module is intentionally a sibling of :mod:`decnet.orchestrator` (not
-a flag on it) — separate worker, separate CLI command
-(``decnet emailgen``), separate systemd-supervised lifecycle. Shares the
-heartbeat / control-listener scaffolding via :mod:`decnet.bus.publish`.
+* :mod:`decnet.orchestrator.emailgen.scheduler` — the
+  ``EmailAction`` shape and the ``pick(repo)`` policy that decides
+  which mail decky / sender / recipient / thread an email belongs to.
+* :mod:`decnet.orchestrator.emailgen.threads` — RFC 2822 thread chain
+  helpers (Message-ID generation, Re: / In-Reply-To bookkeeping).
+* :mod:`decnet.orchestrator.emailgen.events` — DB-row + bus-topic
+  builders for email events.
 
-Lazy worker re-export: :func:`emailgen_worker` is loaded on first
-attribute access so that submodules can import package-level names
-(``decnet.orchestrator.emailgen.events``) without triggering an eager
-load of the worker — and through it, the email driver, which imports
-back into this package.  Without lazy loading the package + driver +
-worker form a cycle.
+The orchestrator's main worker (:mod:`decnet.orchestrator.worker`)
+calls into these modules per tick.  LLM glue, persona schema, prompt
+builder, and the global persona pool moved to :mod:`decnet.realism`
+in stage 2 of the migration; this package keeps only the
+email-specific delivery surface.
 """
 from __future__ import annotations
-
-from typing import TYPE_CHECKING, Any
-
-if TYPE_CHECKING:  # pragma: no cover - typing only
-    from decnet.orchestrator.emailgen.worker import emailgen_worker  # noqa: F401
-
-__all__ = ["emailgen_worker"]
-
-
-def __getattr__(name: str) -> Any:
-    if name == "emailgen_worker":
-        from decnet.orchestrator.emailgen.worker import emailgen_worker as _w
-        return _w
-    raise AttributeError(f"module {__name__!r} has no attribute {name!r}")