Hello @hanswerneralbrecht, welcome to the Nextcloud community! 
first of of all I recommend working through Collabora Integration guide and you will isolate and often solve 99% of integration issues.
from your config I’m wondering about all the ip addresses - I would recommend not doing so - all Docker Containers connected to a network can reach each other using DNS which is usually much easier. it looks you place postgres and redis in a separate network? this not related with the office error but adds complexity without a reason, I would recommend all services like redis, DB and notify_push run in the same “default” network.
maybe this one is not right:
for me one DNS record per aliasgroup works without quotes like - aliasgroup1=${NEXTCLOUD1} which is filled from .env file (but should wok directly as well.
depending on your setup your public IP might appear - I would recommend starting with “allow all” and monitor your logs. see topics tagged wopi_allowlist