Use only TLSv1 and greater to depoodle

The poodle SSLv3 vulnerability is a good reason to stop using SSLv3.
Switch to TLS everywhere in our apache vhost configs.

Change-Id: If7b18174253b6f185e029f97bfa77d8ad4941385

templates/git.vhost.erb

@@ -60,6 +60,7 @@
   CustomLog /var/log/httpd/git-access.log combined
 
   SSLEngine on
+  SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
 
   SSLCertificateFile      <%= scope.lookupvar("cgit::ssl_cert_file") %>
   SSLCertificateKeyFile   <%= scope.lookupvar("cgit::ssl_key_file") %>