Hardening SSL #432

Open
georgejung opened this issue Feb 25, 2021 · 1 comment

@georgejung

Is your feature request related to a problem? Please describe.
Want to have something as secure as possible while being usable. SSL Check by default gives me a B rating (https://www.ssllabs.com/ssltest/) due to TLS 1 and weak ciphers.

Describe the solution you'd like
Integrate dynamic config file into the role. The minimum TLS version and accepted ciphers can be set in a dynamic_conf.toml file. If we put that in our templates folder, reference it in our traefik.toml, and update the tasks/main.yml then we can harden the connection significantly, and I have not lost any functionality.

I was able to set the minimum TLS version, but the ciphers haven't seemed to work for me yet in traefik 2.4. I had both minimum TLS and ciphers working in my traefik.toml (v1.7).

Describe alternatives you've considered
None

Additional context
https://github.com/georgejung/ansible-nas/tree/master/roles/traefik

I forked and made the changes for this specific issue in the above repo. I was hesitant to do a pull request since I didn't do all of the testing required, but that is my working code, for whatever it's worth.

Thanks again for everyone's work on this project.

@HitLuca
Contributor

HitLuca commented Aug 21, 2022

@georgejung You made the same mistake as me: not mounting the new dynamic configuration in the traefik docker container!
