Nextcloud Unauthorized WOPI host

Darshan · June 10, 2025, 5:49pm

Hello everyone,

I’ve set up Nextcloud using the Docker environment from this repository:
https://github.com/juliusknorr/nextcloud-docker-dev
Everything works well there.

On my local machine, I’m running Collabora Online (master branch with the latest patches), and it’s running fine on its own.

After configuring the Collabora URL in Nextcloud, I see the green message indicating that the server is reachable. However, when I try to open any document, I get this error:

“Unauthorized WOPI host. Please try again later and report to your administrator if the issue persists.”

What I’ve Tried:

I added the IP and domain (e.g. nextcloud.local) of my Nextcloud instance to the <host> tag in the <wopi> section of coolwsd.xml.
Restarted the Collabora container multiple times after config changes.
Verified DNS and IP resolution between both containers.

Additional Info:

I’ve gone through several similar topics in the forums and GitHub issues, but none of the suggested solutions have worked for me so far.

I’d really appreciate any guidance or suggestions. Has anyone managed to get this setup working with a similar environment?

Thanks in advance!

wwe · June 10, 2025, 8:13pm

Unauthorized WOPI hosts comes from the wopi_allowlist which creates an ip-based list of hosts allowed to send WOPI requests to Nextcloud. as you are running a dev environment I think adding “allow all” rule like 0.0.0.0/0 should fix the problem

look at our source of truth Collabora integration guide - it doesn’t cover your dev case but maybe it helps you as well.

Darshan · June 11, 2025, 6:02am

Hii @wwe Thanks for the quick reply. I have tried to add the Ip you suggested in my NC dev environment but still the issue is same.

scubamuc · June 11, 2025, 6:22am

@Darshan
without DNS and TLS this will not work
there is no way to host Collabora CODE without a valid certificate
you may try self-signed certificates but that will require local DNS to be configured

Darshan · June 11, 2025, 6:39am

@scubamuc are you sure ? i have disabled the self signed certificate for CODE server and i think this should not require DNS configuration

Also Collabora online is running in same system as the NC docker running. And this is all in one network just as a development env…

scubamuc · June 11, 2025, 6:41am

without valid certification there is no way to validate WOPI

wwe · June 11, 2025, 6:54am

look at the logs (docker logs) and check where the request comes from - usually this is the public IP - in your setup this might be different.

From CODE troubleshooting list I see

curl -i https://localhost:9980/hosting/wopiAccessCheck --header “Content-Type: application/json” -d '{“callbackUrl”:“https://wopi-host.local:8443”}

AFAIK CODE exposes https on port 9980 - but you seem to configure plain http..

as scubamuc mentioned - TLS is required for productive installations - I’m not sure there are additional settings required to setup dev without TLS - I never tried.. I’m aware of issues e.g. with copy&paste which doesn’t work without TLS. Depending on your goal it might be easier to setup a production-like environment with DNS/TLS rather some hand-crafted special which might work completely different..

Darshan · June 11, 2025, 7:34am

It’s related to ipv-6 issue

I removed ::1 from etc/hosts for nextcloud.local and now it’s working

Thanks @wwe @scubamuc for helping