Config for NGINX SSL/TLS.

This adds additional SSL/TLS config to specify the acceptable TLS
version, cipher suites, session cache, etc. Values are currently based
on the Mozilla Foundation's recommendations for intermediate
compatibility:

https://wiki.mozilla.org/Security/Server_Side_TLS

We will manage NGINX configuration snippets as a K8s ConfigMap so that
they can be included in server blocks as-needed.

deploy/azure/kustomization.yaml

@@ -11,3 +11,4 @@ resources:
   - nginx-client-ca-bundle.yml
   - acme-challenges.yml
   - aadpodidentity.yml
+  - nginx-snippets.yml