This repository has been archived by the owner on Oct 10, 2024. It is now read-only.
Set media path to write to non-source code directory #9
Labels: Code Quality (suggestion which improves the quality of the codebase); DevOps (impacts to deployment and maintenance from a sysadmin perspective)
This is generally a security risk, if we allowed users we didn't fully trust to access the wiki. We do, but let's pretend for a second that we didn't.

A user might upload a malicious file as one half of an exploit and call the uploaded file using another vulnerability. Proper security settings for allowing user uploads are two-fold:

1. Keep uploads on a separate host or disk from where things are allowed to execute. Maybe that's something like uploading to a static file server (e.g., an Amazon S3 bucket), maybe that's a separate path that is mounted with special "no execute" settings in the fstab file (often `/tmp` is this way).
2. Make source code directories read/execute only and owned by a different user than the runtime user (e.g., owned by root, executed as username `blossom`).

Given we do trust everyone who would have wiki access, that's less of an issue. Where it remains an issue is that we have to pull some hacky stuff to keep media uploads and reinstall blossom as a package. If it's installed by running a new docker container, we need to mount part of the directory where the blossom source code exists. If it's installed as a wheel file in a virtualenv, the source code directory is somewhere buried in a `site-packages/` directory and makes it difficult to manage.

Either way, the best plan is to manage blossom's media, which isn't versioned with the source code, in a configurable directory that is completely separate from the source code.
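As an added example (not blossom's own code), here is a small deployment-time check for the two points above: that the configured media directory sits outside the source tree, and that it lives on a mount carrying the `noexec` option. The mount table is parsed in `/proc/mounts` format; the `SAMPLE_MOUNTS` text, the paths `/srv/blossom-media` and `/opt/blossom`, and the function names are all constructed for the illustration.

```python
"""Check that an upload (media) directory follows the layout described in the issue.

Added example, not part of blossom. All paths and the mount table are constructed.
"""
from pathlib import PurePosixPath

# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sdb1 /srv/blossom-media ext4 rw,nosuid,nodev,noexec,relatime 0 0
"""


def parse_mounts(text):
    """Return {mountpoint: set(options)} from /proc/mounts-formatted text.

    /proc/mounts escapes a space in a mount point as the octal sequence \\040;
    that one escape is decoded here so paths with spaces still match.
    """
    mounts = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        mountpoint = parts[1].replace("\\040", " ")
        mounts[mountpoint] = set(parts[3].split(","))
    return mounts


def mount_for(path, mounts):
    """Return the longest mount point that contains `path` (expects an absolute,
    already-normalised path), or None if no mount point matches."""
    p = PurePosixPath(path)
    best = None
    for mp in mounts:
        mpp = PurePosixPath(mp)
        if p == mpp or mpp in p.parents:
            if best is None or len(mpp.parts) > len(PurePosixPath(best).parts):
                best = mp
    return best


def is_noexec(path, mounts):
    """True if the filesystem holding `path` was mounted with noexec."""
    mp = mount_for(path, mounts)
    return mp is not None and "noexec" in mounts[mp]


def is_outside(media_root, source_root):
    """True if media_root is neither source_root itself nor anything beneath it."""
    m, s = PurePosixPath(media_root), PurePosixPath(source_root)
    return m != s and s not in m.parents


def check_media_root(media_root, source_root, mounts_text=SAMPLE_MOUNTS):
    """Return a list of problems with the layout; an empty list means both
    conditions from the issue (separate directory, noexec mount) hold."""
    mounts = parse_mounts(mounts_text)
    problems = []
    if not is_outside(media_root, source_root):
        problems.append("media root is inside the source tree")
    if not is_noexec(media_root, mounts):
        problems.append("media root is not on a noexec mount")
    return problems


if __name__ == "__main__":
    # Media inside the checkout, on the root filesystem: both checks fail.
    print(check_media_root("/opt/blossom/media", "/opt/blossom"))
    # Media on its own noexec mount, well away from the source: passes.
    print(check_media_root("/srv/blossom-media", "/opt/blossom"))
```

On a live host you would pass `open("/proc/mounts").read()` as `mounts_text` and the configured media and source paths instead of the constructed ones; the ownership half of the advice (source owned by root, runtime user unable to write it) is a separate check on `os.stat` results and is not covered here.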