Description
Is your feature request related to a problem? Please describe.
Currently, NooBaa services (noobaa-core, noobaa-endpoint) expose TLS endpoints with a broad set of cipher suites, including some that are considered weak or deprecated in modern compliance frameworks (e.g., FIPS, PCI-DSS, CIS benchmarks).
There is no supported way to configure or restrict the TLS cipher suites used by these services.
Describe the solution you'd like
Many enterprise environments require strict TLS configurations to meet security and compliance requirements. Scans using tools like Nessus or Qualys regularly flag the use of CBC-mode ciphers, RSA key exchange, and outdated algorithms. For example:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CCM
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
These cannot currently be disabled or replaced with stronger ciphers in NooBaa.
No configuration options in the NooBaa CRD (in ODF) or Helm values (upstream)
No environment variables exposed for overriding Node.js/OpenSSL TLS settings
Manual changes to deployments (e.g., setting NODE_OPTIONS) are not persistent and are overwritten by operators
Describe alternatives you've considered
A configuration file or environment variable (NODE_OPTIONS, SSL_CIPHERS, etc.)
Helm chart values for upstream installations
An API or CRD extension (in downstream ODF) to persist cipher configuration
Additional context
Benefit to the community:
Enables compliance with security standards
Allows users to eliminate known-weak ciphers
Aligns NooBaa behavior with other cloud-native tools that support TLS customization (e.g., Kubernetes API server, OpenShift Ingress)
We are filing this RFE based on real-world enterprise use cases where security scans flagged NooBaa’s TLS configuration as non-compliant. This is a growing concern as more organizations adopt NooBaa in regulated industries.
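As an added illustration (not part of the original request and not NooBaa code): a Node.js sketch that reads the IANA suite names a scan reports, records why each is flagged (RSA key exchange, CBC mode), and builds the `ciphers`/`minVersion` options a Node TLS server would take to offer only the remaining suites. The scan list, the two ECDHE/GCM suites added to it, and the function names are assumptions made for the example.

```javascript
'use strict';

// IANA -> OpenSSL names; Node's `ciphers` option takes OpenSSL names.
const OPENSSL_NAME = {
  TLS_RSA_WITH_AES_128_CBC_SHA: 'AES128-SHA',
  TLS_RSA_WITH_AES_256_CBC_SHA: 'AES256-SHA',
  TLS_RSA_WITH_AES_128_GCM_SHA256: 'AES128-GCM-SHA256',
  TLS_RSA_WITH_AES_128_CCM: 'AES128-CCM',
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 'ECDHE-RSA-AES128-SHA',
  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 'ECDHE-RSA-AES128-GCM-SHA256',
  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 'ECDHE-RSA-AES256-GCM-SHA384',
};

// Constructed scan result: the five suites listed in the issue plus two
// ECDHE/GCM suites assumed to be offered by the same endpoint.
const SCANNED = Object.keys(OPENSSL_NAME);

// Reasons a scanner flags a TLS 1.2-style suite, read from its IANA name
// (TLS_<key exchange>_WITH_<cipher and MAC>).
function flagReasons(iana) {
  const m = /^TLS_(.+)_WITH_(.+)$/.exec(iana);
  if (!m) throw new Error(`not a TLS 1.2-style suite name: ${iana}`);
  const [, keyExchange, cipher] = m;
  const reasons = [];
  if (keyExchange === 'RSA') reasons.push('RSA key exchange');
  if (/(^|_)CBC(_|$)/.test(cipher)) reasons.push('CBC mode');
  return reasons;
}

// Options object for tls.createServer()/https.createServer() that offers
// only the scanned suites with no flag reason.
function hardenedTlsOptions(scanned) {
  const keep = scanned.filter((s) => flagReasons(s).length === 0);
  if (keep.length === 0) throw new Error('every scanned suite is flagged');
  const unmapped = keep.filter((s) => !OPENSSL_NAME[s]);
  if (unmapped.length) throw new Error(`no OpenSSL name for: ${unmapped.join(', ')}`);
  return {
    minVersion: 'TLSv1.2',
    honorCipherOrder: true,
    ciphers: keep.map((s) => OPENSSL_NAME[s]).join(':'),
  };
}

for (const suite of SCANNED) {
  console.log(suite, '->', flagReasons(suite).join(' + ') || 'keep');
}
console.log(hardenedTlsOptions(SCANNED));
```

The same cipher string can be passed to Node's `--tls-cipher-list` flag, which is the setting the issue notes gets overwritten when it is added to a deployment by hand.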