de.schildbach.wallet.sh: wrap build with disorderfs in sorted mode

This change restores build reproducibility. When comparing the produced APK with the one built for Google Play, the only remaining difference is the developer signature.

Disorderfs is used on the host system rather than within the podman guest system, because if it was mounted within podman, the guest would need to be granted SYS_ADMIN capability. This exposes the verifier to potentially malicious build scripts. The downside is that the verifier now needs to install disorderfs on the host.

Edited by Andreas Schildbach
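
One way the host-side wrapping described above could look, as an added example that is not the project's own script. The function names, the `/project` container path, the image name and the build command passed in are assumptions; the guest only receives a bind mount and gets no `--cap-add` or `/dev/fuse`.

```shell
#!/bin/sh
# Added example (hypothetical wrapper, not de.schildbach.wallet.sh itself).
# With DRY_RUN=1 the commands are printed instead of executed.

run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# build_sorted SRC MNT IMAGE BUILD_CMD...
#   SRC   source checkout on the host
#   MNT   empty directory used as the disorderfs mount point
#   IMAGE container image holding the build toolchain (assumed name)
build_sorted() {
    [ "$#" -ge 4 ] || { echo "usage: build_sorted SRC MNT IMAGE CMD..." >&2; return 2; }
    src=$1; mnt=$2; image=$3
    shift 3

    # Host side: FUSE overlay that returns directory entries in sorted
    # order, so the build sees the same file order on every machine.
    run disorderfs --sort-dirents=yes --reverse-dirents=no "$src" "$mnt" || return 1

    # Guest side: only the sorted view is bind-mounted. No --cap-add and
    # no /dev/fuse device, so the build script cannot mount filesystems.
    rc=0
    run podman run --rm -v "$mnt:/project" -w /project "$image" "$@" || rc=$?

    # Always unmount, then report the build's exit status.
    # (fusermount is the FUSE 2 helper; assumed to be what the host uses.)
    run fusermount -u "$mnt"
    return "$rc"
}
```
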