chore(installer): only serve installer in / and /install.sh

This avoids false positive detections on other bruteforced paths,
such as .zsh_history or others, which eventually result in
automated false vulnerability submissions.

.github/workflows/installer/vercel.json

@@ -1,7 +1,7 @@
 {
   "headers": [
     {
-      "source": "/((?!favicon.ico).*)",
+      "source": "/(|install.sh)",
       "headers": [
         {
           "key": "Content-Type",
@@ -16,7 +16,7 @@
   ],
   "rewrites": [
     {
-      "source": "/((?!favicon.ico|install.sh).*)",
+      "source": "/",
       "destination": "/install.sh"
     }
   ]