refactor: Centralize server forbidden checks into moderation module

This moves all checks related to `forbidden_remote_server_names`,
`forbidden_remote_room_directory_server_names` and
`prevent_media_downloads_from` to a new `moderation` module.
This is useful for implementing more complicated logic globally.
Mostly the changes from #673, but is also relevant for #750

src/service/services.rs

@@ -12,7 +12,7 @@ use tokio::sync::Mutex;
 use crate::{
 	account_data, admin, appservice, client, config, emergency, federation, globals, key_backups,
 	manager::Manager,
-	media, presence, pusher, resolver, rooms, sending, server_keys, service,
+	media, moderation, presence, pusher, resolver, rooms, sending, server_keys, service,
 	service::{Args, Map, Service},
 	sync, transaction_ids, uiaa, updates, users,
 };
@@ -39,6 +39,7 @@ pub struct Services {
 	pub uiaa: Arc<uiaa::Service>,
 	pub updates: Arc<updates::Service>,
 	pub users: Arc<users::Service>,
+	pub moderation: Arc<moderation::Service>,
 
 	manager: Mutex<Option<Arc<Manager>>>,
 	pub(crate) service: Arc<Map>,
@@ -106,6 +107,7 @@ impl Services {
 			uiaa: build!(uiaa::Service),
 			updates: build!(updates::Service),
 			users: build!(users::Service),
+			moderation: build!(moderation::Service),
 
 			manager: Mutex::new(None),
 			service,