Move GitLab Pages behind Cloudflare

In order to gain the full benefits of our upcoming traffic management policy (https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/9711) we should move GitLab Pages behind Cloudflare.

We will not be able to utilize the HTTPS pipelines for this, because GitLab Pages terminates TLS itself. So we'll resort to Cloudflare Spectrum to pass port 80 and 443 as TCP.
Apart from that, we need to bypass Cloudflare's HTTPS Pipeline anyways in order to be able to continue to offer custom hostnames.

Up for consideration:

1. gitlab.io is a separate domain. Needs another DNS switchover
2. URI based WAF and firewall actions not possible, they would be restricted to IP filtering only.