Downgrade TLS configuration to Mozilla's "intermediate" spec

From looking at the list of clients who would be allowed to connect
when using the "modern" spec, I think I'd be doing more harm than
good to use that config right now...

https://www.ssllabs.com/ssltest/analyze.html?d=alaninkenya.org
https://wiki.mozilla.org/Security/Server_Side_TLS

Signed-off-by: Alan Orth <alan.orth@gmail.com>

roles/nginx/defaults/main.yml

@@ -8,7 +8,7 @@ nginx_confd_path: /etc/nginx/conf.d
 nginx_root_prefix: /var/www
 
 # TLS protocol versions to support
-nginx_tls_protocols: TLSv1.1 TLSv1.2
+nginx_tls_protocols: TLSv1 TLSv1.1 TLSv1.2
 
 # TLS key directory
 tls_key_dir: /etc/ssl/private