Fix LetsEncrypt renewal failures #253

Merged
merged 1 commit into from
Nov 5, 2021

@yanokwa yanokwa commented Nov 1, 2021

Central certs were not able to renew because some of them had the old conf from https://github.com/staticfloat/docker-nginx-certbot/tree/master/src/nginx_conf.d. Instead we need the conf from https://github.com/JonasAlfredsson/docker-nginx-certbot/tree/master/src/nginx_conf.d.

I tried a million ways in the Dockerfile to copy the *.conf files into /etc/nginx/conf.d, but they'd never appear in the live container, so I reverted to using odk-setup.sh.

My specific changes are...

  • Pin docker-nginx-certbot version to 2.4.1 not 2.4 because we don't want any surprises if they release a patch.
  • Put the necessary files from https://github.com/JonasAlfredsson/docker-nginx-certbot/tree/master/src/nginx_conf.d into repo and copy to /usr/share/nginx/. This does mean that each time we update docker-nginx-certbot, we should also upgrade the conf files.
  • In odk-setup.sh, copy the conf files into /etc/nginx/conf.d/
  • Remove all certbot conf files when using configurations that don't involve certbot
    • This seems like the highest risk change, but it should only affect a tiny group of people there's a bug
  • Add trailing slashes to folders to make it clearer what each command is doing
  • Move around echo message so it's more consistent

I verified this worked with ODK Cloud setups (letsencrypt), but I did not verify with upstream, selfsigned, or nothing.

Pin certbot, add necessary files, cleanup script
@matthew-white matthew-white merged commit 206955a into getodk:master Nov 5, 2021
@yanokwa yanokwa deleted the fix-renewal-bug branch November 18, 2021 17:11
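
The pinning point in the description above (2.4.1 rather than 2.4), as an added example that is not part of this PR or the project's code: a check that flags Dockerfile base images whose tag can move to a new release. The sample Dockerfile is constructed, and the image names in it are assumptions.

```python
import re

# A tag naming one exact release: MAJOR.MINOR.PATCH plus an optional suffix.
# Even such a tag can be re-pushed upstream; only a digest is immutable.
FULL_VERSION = re.compile(r"^v?\d+\.\d+\.\d+([-.][\w.]+)?$")


def split_image_ref(ref):
    """Split an image reference into (name, tag, digest)."""
    name, _, digest = ref.partition("@")
    tag = ""
    # A colon after the last slash is a tag; an earlier one is a registry port.
    if ":" in name.rsplit("/", 1)[-1]:
        name, tag = name.rsplit(":", 1)
    return name, tag, digest


def floating_bases(dockerfile_text):
    """Return (line_no, image_ref, reason) for each FROM whose base can change."""
    findings, stages = [], set()
    for no, line in enumerate(dockerfile_text.splitlines(), 1):
        words = line.split()
        if not words or words[0].upper() != "FROM":
            continue
        args = [w for w in words[1:] if not w.startswith("--")]  # drop --platform=...
        if not args:
            continue
        ref = args[0]
        is_stage = ref.lower() in stages  # FROM <earlier stage>, not an image
        if len(args) >= 3 and args[1].upper() == "AS":
            stages.add(args[2].lower())
        if is_stage or ref == "scratch":
            continue
        _, tag, digest = split_image_ref(ref)
        if digest:
            continue  # pinned by content hash
        if not tag:
            findings.append((no, ref, "no tag (defaults to latest)"))
        elif not FULL_VERSION.match(tag):
            findings.append((no, ref, f"floating tag '{tag}'"))
    return findings


# Constructed sample; image names are assumptions for illustration.
SAMPLE = """\
FROM node:14.17.6 AS intermediate
FROM jonasal/nginx-certbot:2.4
FROM registry.example:5000/team/nginx-certbot:2.4.1
FROM intermediate
FROM nginx
"""
```
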