Fixes for TLS for Zoekt gateway

This TLS stuff was originally add in !15 (merged) .

When we tried to roll it out to GSTG in gitlab-com/gl-infra/k8s-workloads/gitlab-com!2806 (diffs) we noticed a few problems:

1. The main problem was that the YAML syntax was invalid when dnsNames was set because it was getting merged onto the same line as ipAddresses. I never spotted this because I originally wanted to use ipAddresses instead of dnsNames but now that we're using dnsNames I'm just going to remove ipAddresses
2. The privateKey was hardcoded and we maybe want this to be configurable so we have moved it into values
3. We wanted to add annotations to the statefulSet to reload when the secret changed. Now we've added that annotation into the chart as well as allowed for configuring yet more annotations for the stateful set with values

Related to gitlab-org/gitlab#389749 (closed)