Make rate limiting return a 429, not a 500

Our HAProxy config will return a 500 when Rails returns a 429: gitlab-cookbooks/gitlab-haproxy!94 (merged)

http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#4.2-http-request says:

  - "tarpit" : this stops the evaluation of the rules and immediately blocks
    the request without responding for a delay specified by "timeout tarpit"
    or "timeout connect" if the former is not set. After that delay, if the
    client is still connected, an HTTP error 500 (or optionally the status
    code specified as an argument to "deny_status") is returned so that the
    client does not suspect it has been tarpitted.

We actually want the 429 to be returned to the client.