SSO-specific nextcloud settings

@xeruf proposed these additional nextcloud settings, that make sense in our single-sign-on environment:

configs:
  sso.config.php: |-
    <?php
    $CONFIG = array (
      'allow_user_to_change_display_name' => false,
      'lost_password_link' => 'https://sso.${domain}/login/recovery',
    );

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

SSO-specific nextcloud settings