fix(init): thread --user / --group through systemd unit templates

Every decnet-*.service.j2 hardcoded User=decnet / Group=decnet. The
init CLI accepted --user / --group and used them for useradd,
chown, /etc/decnet ownership and ReadWritePaths — but the Jinja
context omitted them entirely, so

  sudo decnet init --install-dir $PWD --user anti --group anti

rendered

  User=decnet
  Group=decnet

into every unit, which at best ran the workers as a user that didn't
match the files (fails to read the venv / config), and at worst spun
a parallel system user the operator never asked for.

Swap the hardcoded lines to {{ user }} / {{ group }} across all 13
templates and add both to the Jinja context in _install_units.

decnet/cli/init.py

@@ -337,13 +337,20 @@ def _install_units(
     *,
     install_dir: str,
     venv_dir: str,
+    user: str,
+    group: str,
     force: bool,
     dry_run: bool,
 ) -> str:
     """Render decnet-*.service.j2 → systemd_dir/decnet-*.service, and copy
     the static decnet.target (no templating needed — it has no install
     path references)."""
-    context = {"install_dir": install_dir, "venv_dir": venv_dir}
+    context = {
+        "install_dir": install_dir,
+        "venv_dir": venv_dir,
+        "user": user,
+        "group": group,
+    }
     templates = sorted(deploy.glob("decnet-*.service.j2"))
     static = [deploy / "decnet.target"]
 
@@ -726,6 +733,7 @@ def register(app: typer.Typer) -> None:
             lambda: _install_units(
                 deploy, systemd_dir,
                 install_dir=install_dir, venv_dir=resolved_venv,
+                user=user, group=group,
                 force=force, dry_run=dry_run,
             ),
         )

deploy/decnet-agent.service.j2

@@ -7,8 +7,8 @@ Requires=docker.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 # docker.sock is group-readable by 'docker'; the agent needs it for compose.
 SupplementaryGroups=docker
 WorkingDirectory={{ install_dir }}

deploy/decnet-api.service.j2

@@ -7,8 +7,8 @@ Requires=docker.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 # docker.sock is group-readable by 'docker'; the API ingester tails container logs.
 SupplementaryGroups=docker
 WorkingDirectory={{ install_dir }}

deploy/decnet-bus.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 # /run/decnet is created automatically with the RuntimeDirectory= directive

deploy/decnet-collector.service.j2

@@ -7,8 +7,8 @@ Requires=docker.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 # docker.sock is group-readable by 'docker'; the collector tails container logs.
 SupplementaryGroups=docker
 WorkingDirectory={{ install_dir }}

deploy/decnet-forwarder.service.j2

@@ -8,8 +8,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 # Replace <master-host> with the master's LAN address or hostname. The agent

deploy/decnet-listener.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 # Binds 0.0.0.0:6514 so workers across the LAN can connect. 6514 is not a

deploy/decnet-mutator.service.j2

@@ -7,8 +7,8 @@ Requires=docker.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 # Mutator recomposes decky services via docker compose.
 SupplementaryGroups=docker
 WorkingDirectory={{ install_dir }}

deploy/decnet-prober.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 ExecStart={{ venv_dir }}/bin/decnet probe

deploy/decnet-profiler.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 ExecStart={{ venv_dir }}/bin/decnet profiler

deploy/decnet-sniffer.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 ExecStart={{ venv_dir }}/bin/decnet sniffer

deploy/decnet-swarmctl.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 # Default bind is loopback — the controller is a master-local orchestrator

deploy/decnet-updater.service.j2

@@ -8,8 +8,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 ExecStart={{ venv_dir }}/bin/decnet updater \

deploy/decnet-web.service.j2

@@ -6,8 +6,8 @@ Wants=network-online.target
 
 [Service]
 Type=simple
-User=decnet
+User={{ user }}
-Group=decnet
+Group={{ group }}
 WorkingDirectory={{ install_dir }}
 EnvironmentFile=-{{ install_dir }}/.env.local
 ExecStart={{ venv_dir }}/bin/decnet web