support clamav socket

README.md

@@ -86,6 +86,8 @@ Additionally, you can use the following options when starting an instance:
 - `kaspersky`: setup a kaspersky scan engine server in http mode. ( Requires
   [manually setting up the image](https://github.com/icewind1991/kaspersky-docker))
 - `kaspersky-icap`: setup a kaspersky scan engine server in ICAP mode.
+- `clamav`: setup a local clam av scanner in executable mode.
+- `clamav-socket`: setup a clam av scanner in socket mode.
 - `clamav-icap`: setup a clam av scanner in ICAP mode.
 - `clamav-icap-tls`: setup a clam av scanner in ICAP mode with TLS encryption.
 - `oc`: start an ownCloud instance in the same network.

nix/image/phpunit.nix

@@ -31,7 +31,8 @@
       vendorHash = "sha256-H+XMRMvbUz/WCUdPRmL8nSCqa5YE3Qb1+goEQjjDK70=";
     };
   };
-in php.buildComposerProject2 (finalAttrs: {
+in
+  php.buildComposerProject2 (finalAttrs: {
     pname = "phpunit";
     inherit (versions.${phpVersion}) version vendorHash;
 

src/service.rs

@@ -16,7 +16,7 @@ mod smb;
 
 use crate::cloud::CloudOptions;
 use crate::config::{HazeConfig, Preset};
-pub use crate::service::clam::{Clam, ClamIcap, ClamIcapTls};
+pub use crate::service::clam::{Clam, ClamIcap, ClamIcapTls, ClamSocket};
 use crate::service::dav::Dav;
 use crate::service::imaginary::Imaginary;
 use crate::service::kaspersky::{Kaspersky, KasperskyIcap};
@@ -207,6 +207,7 @@ pub enum Service {
     Kaspersky(Kaspersky),
     KasperskyIcap(KasperskyIcap),
     Clam(Clam),
+    ClamSocket(ClamSocket),
     ClamIcap(ClamIcap),
     ClamIcapTls(ClamIcapTls),
     Oc(Oc),
@@ -247,9 +248,13 @@ impl Service {
             "kaspersky" => Some(vec![Service::Kaspersky(Kaspersky)]),
             "kaspersky-icap" => Some(vec![Service::KasperskyIcap(KasperskyIcap)]),
             "clamav" => Some(vec![Service::Clam(Clam)]),
+            "clamav-external" => Some(vec![Service::ClamSocket(ClamSocket)]),
+            "clamav-socket" => Some(vec![Service::ClamSocket(ClamSocket)]),
             "clamav-icap" => Some(vec![Service::ClamIcap(ClamIcap)]),
             "clamav-icap-tls" => Some(vec![Service::ClamIcapTls(ClamIcapTls)]),
             "clam" => Some(vec![Service::Clam(Clam)]),
+            "clam-external" => Some(vec![Service::ClamSocket(ClamSocket)]),
+            "clam-socket" => Some(vec![Service::ClamSocket(ClamSocket)]),
             "clam-icap" => Some(vec![Service::ClamIcap(ClamIcap)]),
             "clam-icap-tls" => Some(vec![Service::ClamIcapTls(ClamIcapTls)]),
             "mail" => Some(vec![Service::Mail(Mail)]),

src/service/clam.rs

@@ -234,3 +234,79 @@ impl ServiceTrait for Clam {
         ])
     }
 }
+
+#[derive(Debug, Clone, Eq, PartialEq)]
+pub struct ClamSocket;
+
+#[async_trait::async_trait]
+impl ServiceTrait for ClamSocket {
+    fn name(&self) -> &str {
+        "clamav-socket"
+    }
+
+    async fn spawn(
+        &self,
+        docker: &Docker,
+        cloud_id: &str,
+        network: &str,
+        _config: &HazeConfig,
+        _options: &CloudOptions,
+    ) -> Result<Vec<String>> {
+        let image = "clamav/clamav";
+        pull_image(docker, image).await?;
+        let options = Some(CreateContainerOptions {
+            name: self.container_name(cloud_id).unwrap(),
+            ..CreateContainerOptions::default()
+        });
+        let config = Config {
+            image: Some(image),
+            host_config: Some(HostConfig {
+                network_mode: Some(network.to_string()),
+                ..Default::default()
+            }),
+            labels: Some(hashmap! {
+                "haze-type" => self.name(),
+                "haze-cloud-id" => cloud_id
+            }),
+            networking_config: Some(NetworkingConfig {
+                endpoints_config: hashmap! {
+                    network => EndpointSettings {
+                        aliases: Some(vec![self.name().to_string()]),
+                        ..Default::default()
+                    }
+                },
+            }),
+            ..Default::default()
+        };
+        let id = docker
+            .create_container(options, config)
+            .await
+            .into_diagnostic()?
+            .id;
+        docker
+            .start_container::<String>(&id, None)
+            .await
+            .into_diagnostic()?;
+        Ok(vec![id])
+    }
+
+    fn container_name(&self, cloud_id: &str) -> Option<String> {
+        Some(format!("{}-{}", cloud_id, self.name()))
+    }
+
+    fn apps(&self) -> &'static [&'static str] {
+        &["files_antivirus"]
+    }
+
+    async fn post_setup(
+        &self,
+        _docker: &Docker,
+        _cloud_id: &str,
+        _config: &HazeConfig,
+    ) -> Result<Vec<String>> {
+        Ok(vec![
+            "occ config:app:set files_antivirus av_mode --value=socket".into(),
+            "occ config:app:set files_antivirus av_socket --value=tcp://clamav-socket:3310".into(),
+        ])
+    }
+}