HaProxy: Explicitly configure allowed TLS ciphers

docker/docker-compose.yml

@@ -139,6 +139,9 @@ haproxy:
   environment:
    - CERT_FOLDER=/certs/
    - TIMEOUT=connect 5s, client 5m, server 10m
+   - SSL_BIND_CIPHERS=ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
+   - SSL_BIND_OPTIONS=no-sslv3
+   - EXTRA_GLOBAL_SETTINGS=tune.ssl.default-dh-param 2048
   links:
    - blender_cloud
    # - notifserv