Lock down database.yml

It should not be world-readable or writeable by the GitLab user.

Author: chewi

recipes/default.rb

@@ -215,9 +215,9 @@ class file open;
 # Write the database.yml
 template "#{node['gitlab']['app_home']}/config/database.yml" do
   source 'database.yml.erb'
-  owner node['gitlab']['user']
+  owner 'root'
   group node['gitlab']['group']
-  mode '0644'
+  mode '0640'
   variables(
     adapter: node['gitlab']['database']['adapter'],
     encoding: node['gitlab']['database']['encoding'],