deployment: Set permissions of pki secret volume

The PKI folder should only be readable by root. Set the permissions to
0400.

This removes the following warnings from the logs:
  WARNING: file '/etc/openvpn/pki/private.key' is group or others accessible
  WARNING: file '/etc/openvpn/pki/ta.key' is group or others accessible

kube/deployment.yaml

@@ -59,6 +59,7 @@ spec:
       - name: openvpn-pki
         secret:
           secretName: openvpn-pki
+          defaultMode: 0400
       - name: openvpn-ccd
         configMap:
           name: openvpn-ccd