COOL Docker doesn't accept my NC domains

Hello people, first of all: I am a beginner in system administration and just doing some home cloud and simple personal networking. I'm not from IT, so my experience is very low, especially when it comes to Docker usage. Probably a simple problem here:

I installed COOL Docker, but the server doesn't accept my Nextcloud domains even though I try to follow the online docs of Collabora Online Server.

I'm running COOL behind Nginx Proxy Manager and I get status OK in the browser, and my firewall settings are not causing any problems, because I log everything and there is no blocking problem.

I use the following command to configure and install the Docker container:

docker run -t -d -p 9980:9980 \
-e "domain=aliasgroup1=https://nextcloud\\.mydomain\\.ch:443,aliasgroup2=https://privatenextcloud\\.mydomain\\.ch:443" \
-e "server_name=office.collaboraserver.ch:443" \
--name=COLLABORAOFFICE \
--restart always \
--cap-add MKNOD \
collabora/code

After trying to open a document, Nextcloud says it can't open Nextcloud Office.

I checked the Docker logs, which say the host is not on the list, plus other SSL problems I don't get through:

frk-00030-00030 2023-08-10 08:22:05.703475 +0000 [ forkit ] WRN  The systemplate directory [/opt/cool/systemplate] is read-only, and at least [/opt/cool/systemplate//etc/hosts] is out-of-date. Will have to copy sysTemplate to jails. To restore optimal performance, make sure the files in [/opt/cool/systemplate/etc] are up-to-date.| common/JailUtil.cpp:524
wsd-00001-00114 2023-08-10 08:22:05.721716 +0000 [ docbroker_00a ] ERR  No acceptable WOPI hosts found matching the target host [privatecloud.yourdevice.ch] in config| wsd/Storage.cpp:291
wsd-00001-00114 2023-08-10 08:22:05.721813 +0000 [ docbroker_00a ] ERR  loading document exception: No acceptable WOPI hosts found matching the target host [nextcloud.mydomain.ch] in config| wsd/DocumentBroker.cpp:2611
wsd-00001-00114 2023-08-10 08:22:05.721843 +0000 [ docbroker_00a ] ERR  Failed to add session to [https%3A%2F%2Fnextcloud.mydomain.ch%3A443%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F280149_ocy70n5jlyvc] with URI [https://nextcloud.mydomain.ch/index.php/apps/richdocuments/wopi/files/280149_ocy70n5jlyvc?access_token=xxxxxx access_token_ttl=1691691723000&permission=edit]: No acceptable WOPI hosts found matching the target host [nextcloud.mydomain.ch] in config| wsd/DocumentBroker.cpp:2573
wsd-00001-00114 2023-08-10 08:22:05.721872 +0000 [ docbroker_00a ] ERR  Unauthorized Request while starting session on https%3A%2F%2Fnextcloud.mydomain.ch%3A443%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F280149_ocy70n5jlyvc for socket #24. Terminating connection. Error: No acceptable WOPI hosts found matching the target host [nextcloud.mydomain.ch] in config| wsd/COOLWSD.cpp:5047
wsd-00001-00114 2023-08-10 08:22:05.722057 +0000 [ docbroker_00a ] ERR  #24: Error while handling poll at 1 in docbroker_00a: #24 (write): unknown. BIO error: 167772367, rc: -1: error:0A0000CF:SSL routines::protocol is shutdown:
C0B6FF15F57F0000:error:0A0000CF:SSL routines:ssl_write_internal:protocol is shutdown:ssl/ssl_lib.c:2034:
| net/Socket.cpp:464
wsd-00001-00114 2023-08-10 08:22:05.725976 +0000 [ docbroker_00a ] ERR  #18: Read failed, have 0 buffered bytes (ECONNRESET: Connection reset by peer)| net/Socket.hpp:1122
wsd-00001-00114 2023-08-10 08:22:05.726001 +0000 [ docbroker_00a ] WRN  #18: Unassociated Kit (113) disconnected unexpectedly| wsd/COOLWSD.cpp:3497
sh: 1: /usr/bin/coolmount: Operation not permitted
sh: 1: /usr/bin/coolmount: Operation not permitted
sh: 1: /usr/bin/coolmount: Operation not permitted

Details:

Nextcloud instance has its own IP with NAT, running on the latest Ubuntu version in a VM
Office server also runs on a fresh, latest Ubuntu VM
VMs can reach each other properly
internal DNS set up correctly
Office server has Nginx Proxy Server running in front of it; it says OK when I try to reach the office domain
NPM does the SSL termination
I added this in the Advanced tab:

# static files
location ^~ /loleaflet {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}
# WOPI discovery URL
location ^~ /hosting/discovery {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}
# main websocket
location ~ ^/lool/(.*)/ws$ {
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_http_version 1.1;
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
  proxy_read_timeout 36000s;
}
# download, presentation and image upload
location ~ ^/lool {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}
# Admin Console websocket
location ^~ /lool/adminws {
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_http_version 1.1;
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
  proxy_read_timeout 36000s;
}

What I tried:
Docker command domains without slashes
removed the entry on the Advanced tab in Nginx Proxy Manager
reinstalled everything
tried in an LXC Container with keyctl and nesting
starting the container with --privileged

Maybe someone can give me a hint about what I am doing wrong? Any help is greatly appreciated!!

Thanks in advance 🙂

update:
now used

docker run -t -d -p 9980:9980 -e "aliasgroup1=https://cloud:mydomain.com:443" -e "aliasgroup2=https://privatecloud.mydomain.com:443" -e "server_name=office.mydomain.com443" --name=COLLABORAOFFICE --restart always --privileged collabora/code

All errors are gone and the alias seems to be accepted, but I still get no documents to open.

Actually, I have no logs about anything trying to access the COOL server now; is that normal?
Nginx Proxy Manager shows OK; it works internally from LAN and externally from WAN.

I don't know what I am doing wrong. This is my cool.xml:

<storage desc="Backend storage">
        <filesystem allow="false" />
        <wopi desc="Allow/deny wopi storage." allow="true">
            <max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size>
            <locking desc="Locking settings">
                <refresh desc="How frequently we should re-acquire a lock with the storage server, in seconds (default 15 mins) or 0 for no refresh" type="int" default="900">900</refresh>
            </locking>

            <alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" >
                <group>
                    <host desc="hostname to allow or deny." allow="true">https://cloud.mydomain.com:443</host>
                </group>
                <group>
                    <host desc="hostname to allow or deny." allow="true">https://privatecloud.mydomain.com:443</host>
                </group>
            </alias_groups>

Both are two different Nextcloud servers not connected to each other. Neither of them works with the COOL server…

update:

I realized that the locations in NPM were outdated; I changed them according to:

to:

# static files
 location ^~ /browser {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Host $http_host;
 }

 # WOPI discovery URL
 location ^~ /hosting/discovery {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Host $http_host;
 }

 # Capabilities
 location ^~ /hosting/capabilities {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Host $http_host;
 }

 # main websocket
 location ~ ^/cool/(.*)/ws$ {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "Upgrade";
 proxy_set_header Host $http_host;
 proxy_read_timeout 36000s;
 }

 # download, presentation and image upload
 location ~ ^/(c|l)ool {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Host $http_host;
 }

 # Admin Console websocket
 location ^~ /cool/adminws {
 proxy_pass $forward_scheme://$server:$port;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "Upgrade";
 proxy_set_header Host $http_host;
 proxy_read_timeout 36000s;
 }

But still no luck, Nextcloud doesn't want to open anything. I am at my wits' end.

Nextcloud logs don't say anything
Docker logs don't tell me anything anymore
My firewall doesn't give me any clues. All paths are open.

I hope to get a clue from you guys.
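
An added example (not part of the original post and not Collabora's code): a small Python check that extracts the hosts coolwsd rejected from log lines like those above and compares them with the `aliasgroupN` variables the `docker run -e` arguments actually define. The sample log is trimmed from the post; the function names and the rule that each alias entry is a regex that must fully match the host are assumptions made for this illustration.

```python
import re

# Constructed sample: message text trimmed from the coolwsd lines in the post.
SAMPLE_LOG = """\
ERR  No acceptable WOPI hosts found matching the target host [privatecloud.yourdevice.ch] in config| wsd/Storage.cpp:291
ERR  loading document exception: No acceptable WOPI hosts found matching the target host [nextcloud.mydomain.ch] in config| wsd/DocumentBroker.cpp:2611
"""
# The -e arguments of the first docker run as the container receives them
# (inside double quotes the shell turns \\. into \.).
FIRST_RUN_ENV = [
    r"domain=aliasgroup1=https://nextcloud\.mydomain\.ch:443,aliasgroup2=https://privatenextcloud\.mydomain\.ch:443",
    "server_name=office.collaboraserver.ch:443",
]

REJECTED = re.compile(r"No acceptable WOPI hosts found matching the target host \[([^\]]+)\]")
ENTRY = re.compile(r"^https?://([^/]+?)(?::\d+)?$")  # scheme://host-pattern[:port]


def rejected_hosts(log_text):
    """Unique hosts coolwsd refused, in order of first appearance."""
    return list(dict.fromkeys(REJECTED.findall(log_text)))


def alias_patterns(env_args):
    """Host patterns from aliasgroupN variables; docker splits -e on the first '='."""
    patterns, malformed = [], []
    for arg in env_args:
        name, _, value = arg.partition("=")
        if not re.fullmatch(r"aliasgroup\d+", name):
            continue  # e.g. 'domain=aliasgroup1=...' defines 'domain', not 'aliasgroup1'
        for entry in value.split(","):
            m = ENTRY.match(entry.strip())
            if m and ":" not in m.group(1):
                patterns.append(m.group(1))
            else:
                malformed.append(entry)  # e.g. ':' typed where '.' was meant
    return patterns, malformed


def uncovered(log_text, env_args):
    """Rejected hosts that no configured pattern fully matches (assumed matching rule)."""
    patterns, _ = alias_patterns(env_args)
    return [h for h in rejected_hosts(log_text)
            if not any(re.fullmatch(p, h) for p in patterns)]


if __name__ == "__main__":
    print("alias patterns, malformed:", alias_patterns(FIRST_RUN_ENV))
    print("rejected and not covered:", uncovered(SAMPLE_LOG, FIRST_RUN_ENV))
```

Run against the first command it reports no `aliasgroupN` variables at all, and it flags an entry such as `https://cloud:mydomain.com:443` as malformed rather than as a usable host pattern.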