Pages custom domains can be claimed without verification

Currently, users can add any domain they like as a GitLab Pages custom domain. We should implement some sort of authorization flow to prevent users from claiming domains they do not own.

There is a range of possible methods; Google Apps custom domains and Let's Encrypt domain verification have similar problems. Solutions include:

  • Sending an email to, e.g., postmaster@domain
  • Requesting that a DNS record containing specified text be added to the domain

Original proposal:

This should probably be in gitlab-ee, but I'm not sure so here goes.

Right now, custom domain names should be unique across the GitLab instance. The thing is that a user can enter any domain they want even if they don't own it.

  1. User A enters git.io, which they don't own, as a custom domain on a project
  2. User B owns git.io and when they try to add a custom domain they get rejected since the domain already exists.

There is no way to know who owns what, so the uniqueness validation should be on a namespace level.
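
The DNS-record check listed among the solutions, applied to the User A / User B collision from the original proposal, as an added Ruby example that is not GitLab's code. The class names, the `_pages-verification` label and the `pages-verification-code=` prefix are assumptions, and a hash stands in for DNS so the example runs offline.

```ruby
require 'securerandom'
require 'resolv'
# Added example; class names, TXT label and value prefix are assumptions.
class DomainClaim
  LABEL  = '_pages-verification'       # assumed challenge label
  PREFIX = 'pages-verification-code='  # assumed TXT value prefix
  attr_reader :domain, :namespace, :challenge_name, :expected_txt

  def initialize(domain, namespace)
    @domain = domain.downcase.chomp('.')
    @namespace = namespace
    @challenge_name = "#{LABEL}.#{@domain}"
    # Random per claim, so one claimant's record never verifies another's claim.
    @expected_txt = "#{PREFIX}#{SecureRandom.hex(16)}"
  end

  # txt_lookup: callable mapping a DNS name to an array of TXT strings.
  def verified?(txt_lookup)
    txt_lookup.call(challenge_name).any? { |txt| txt.strip == expected_txt }
  rescue Resolv::ResolvError, Resolv::ResolvTimeout
    false # fail closed when DNS cannot be queried
  end
end

class ClaimRegistry
  def initialize(txt_lookup)
    @txt_lookup, @claims = txt_lookup, []
  end

  # Anyone may start a claim; an unverified claim reserves nothing.
  def claim(domain, namespace)
    DomainClaim.new(domain, namespace).tap { |c| @claims << c }
  end

  # The domain is served for whichever claim has its TXT record published.
  def owner_of(domain)
    name = domain.downcase.chomp('.')
    @claims.find { |c| c.domain == name && c.verified?(@txt_lookup) }&.namespace
  end
end

# Constructed run of the issue's scenario (hash stands in for DNS).
def demo
  zone = {}
  reg = ClaimRegistry.new(->(name) { zone.fetch(name, []) })
  reg.claim('git.io', 'user-a')        # claims first, controls no DNS
  b = reg.claim('git.io', 'user-b')    # real owner, claims second
  zone[b.challenge_name] = [b.expected_txt]
  reg.owner_of('git.io')
end
```

Because uniqueness is enforced only among verified claims, User A's earlier entry never blocks User B. A live lookup would replace the hash with a resolver query for TXT records at `challenge_name`.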