Add new fallback CDN

[Morb0]

CDN

Problem with blocked Bunny CDN in Russian that serve RobustToolbox builds existed for quite some time and has not been resolved.

Therefore, I propose adding a new CDN that uses Yandex Cloud infrastructure, which is fully accessible in Russia (and will always be (I hope so...)).

New CDN URL: https://robust-builds.cdn.station14.ru

However, https://cdn.station14.ru/robust-builds/ is used for manifest.json and modules.json because the main CDN fully proxies all files from it origin, including the original manifest.json where the URLs point to the wrong CDN; I proxy and replace links in Nginx config to point correct CDN.

[deathride58]

For reviewers, a quick sanity check:

station14.ru is Corvax's domain. Corvax is one of the most popular RU megacommunities, being the closest thing that the RU community has to its own Wizden. This means that in regions affected by the RKN's censorship, Corvax is very likely to already have the same info (useragent, fingerprint, IP, etc) that the CDN receives, as that same info is sent to any server a player views the details of in the launcher (or has added to their favorites).

Corvax itself is free of any hub infractions, and since its first appearance on the hub in 2023, it's seen no formally recorded hub incidents that've been deemed actionable. It's proven itself to remain quite stable over the years, even in the face of drama and attempts by other communities to sabotage it. As far as communities go, Corvax has proven itself trustworthy in ways that very few EN communities have.

Additionally, the launcher itself handles CDN downloads in a saner way than I initially believed when I encouraged this PR to be made. Specifically, the launcher makes use of cryptographically-signed checksums to verify that engine builds and modules have not been tampered with. This means that the worst a malicious CDN mirror could do is lift the insecure flag off of vulnerable engine versions (which is why support for arbitrary CDN urls was previously denied), but that's very much something that can be resolved (and given Corvax's proven track record, there's honestly extremely low risk of this happening with them for however long it'd take to resolve that-- and I say this as someone who's usually quick to deem third-parties as untrustworthy)