Which folder to scan for antivirus?
I want to setup ClamAV to scan my GitLab server. Specifically, I want it to scan the areas that have uploaded files. It won't actually modify anything (only email me especially if someone simply upload the Eicar test), and viruses in repositories won't affect the server itself, but I still want to know. Besides the repositories folder, what other folders should I scan excluding the PostgreSQL database? I want to scan images, for instance, that can be uploaded as well as repositories.