Unauthorized WOPI hosts comes from the wopi_allowlist which creates an ip-based list of hosts allowed to send WOPI requests to Nextcloud. as you are running a dev environment I think adding “allow all” rule like 0.0.0.0/0 should fix the problem
look at our source of truth Collabora integration guide - it doesn’t cover your dev case but maybe it helps you as well.