Add improved dhparam #44

@sbwoodside

It's possible to generate stronger Diffie-Hellman parameters, for example by doing this:

openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

And then with nginx config add this line:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

This should be as simple as:

- name: Improve Diffie-Hellman parameters
  command: openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
  args:
    creates: /etc/ssl/certs/dhparam.pem

For analysis see e.g. http://security.stackexchange.com/questions/38206/can-someone-explain-what-exactly-is-accomplished-by-generation-of-dh-parameters and this site recommends doing it: https://weakdh.org/sysadmin.html
