[Feature] ClamAV scanning at upload

[HebaruSan]

Motivation

#344 seems to have been caused by nightly anti-virus scans of the entire storage (currently disabled).

@DasSkelett tried uploading the EICAR test file at https://spacedock.info/mod/2202/test#changelog, and it was not deleted, so those scans may not even have been working as intended.

It would be nice to have an anti-virus solution that actually works and doesn't overload the site.

Suggestions

There's a Python module for integration with a separately running ClamAV daemon:

https://xael.org/pages/pyclamd-en.html

We should use this module to scan ZIP files when they're uploaded, which would consume much less system resources than the old scan because it would only scan each file once ever rather than once per day.

This would require setting up a ClamAV daemon that the module could access. If the daemon is not running, the site should still work, but maybe we should mark uploads (and all legacy uploads) for batched re-scanning.

Also see #403; if we detect malware, we should not only reject that upload, but also lock any of the same users' previous modules as suspicious. The site admins could then inspect them more closely and unlock them if they are OK.