I waited a bit before joining the discussion since I’ve already faced the issue but didn’t find a good solution.
After reading all the ideas, I sadly still have the same opinion: there is no simple and clean solution.
Those URLs are valid for each host. So for the main FQDN, redirects must be placed under the default virtual host, for all other domain names, redirects should be placed inside the virtual hosts.
An uninstalled package can’t execute extra code, such logic must be implemented in a core package.
This is a good proposal, still we need something implemented in a core package to know if a package is the “first-installed”
IMHO, this is not a problem which needs a coded solutions.
Most of the servers don’t have multiple groupware installed: just choose between SOGo and WebTop.
Nextcloud groupware is not still mature enough, and if you want to test it just configure Nextcloud in a virtual host. And if you really want device auto-configuration for Nextcloud, just drop a template-custom.
For now, I think we can still face the issue adding a couple of lines inside the documentation.