Unable to restrict allowed WOPI hosts

I think I figured it out. Setting the loglevel to “information” reveals the behavior.

As expected, when “mode” is set to “first”, then the first host that connects will be added to the list of trusted WOPI hosts. The log message will be:

Adding trusted WOPI host: [hostname]

Interestingly, the behavior is the same when setting “mode” to “groups” but not defining any groups or only empty groups.

Now on to why I could not lock out my own Nextcloud with the setting in my original post: The local machine will always automatically be added to the list of trusted hosts. The log then says:

WOPI host [hostname] is on the same host as the WOPI client: “ip.addr.of.hostname”. Connection is allowed.

So, the way to secure this kind of installation is still to use the pattern from my original post (of course with the correct hostname of the machine). But for proper testing, one needs a different WOPI host (e.g., a second Nextcloud) on a separate machine.

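The two log messages quoted in the post can be used to audit which WOPI hosts were trusted and why. This is an added example, not part of the original post or of the WOPI client's own code; the `audit_wopi_log` helper, the log line prefix, and the host names and addresses in the sample are constructed for illustration.

```python
import re

# Message texts as quoted in the post; whatever prefix precedes them is ignored.
AUTO_TRUSTED = re.compile(r"Adding trusted WOPI host:\s*\[?([^\]\s]+)\]?")
SAME_HOST = re.compile(
    r"WOPI host \[?([^\]\s]+)\]? is on the same host as the WOPI client:"
    r"\s*[\"“]?([^\"”\s]+)[\"”]?\.\s*Connection is allowed"
)

def audit_wopi_log(lines, expected_hosts):
    """Classify trusted-host log lines (log level "information" is required).

    auto_trusted: hosts added to the trusted list at connect time
    same_host:    hosts allowed only because they run on the local machine
    unexpected:   auto-trusted hosts that are not in expected_hosts
    """
    auto_trusted, same_host = set(), {}
    for line in lines:
        m = SAME_HOST.search(line)
        if m:
            same_host[m.group(1)] = m.group(2)
            continue
        m = AUTO_TRUSTED.search(line)
        if m:
            auto_trusted.add(m.group(1))
    return {
        "auto_trusted": sorted(auto_trusted),
        "same_host": same_host,
        "unexpected": sorted(auto_trusted - set(expected_hosts)),
    }

# Constructed sample log lines (prefix format is an assumption).
SAMPLE_LOG = [
    "INF  Adding trusted WOPI host: cloud.example.com",
    'INF  WOPI host office.example.com is on the same host as the WOPI client: '
    '"192.0.2.10". Connection is allowed.',
    "INF  Adding trusted WOPI host: other.example.net",
    "INF  unrelated message",
]

if __name__ == "__main__":
    report = audit_wopi_log(SAMPLE_LOG, expected_hosts={"cloud.example.com"})
    for host in report["unexpected"]:
        print(f"auto-trusted but not expected: {host}")
    for host, ip in report["same_host"].items():
        print(f"allowed via same-host rule (restriction not exercised): {host} ({ip})")
```

An entry under `unexpected` indicates a host was trusted on first connection, and an entry under `same_host` means that connection says nothing about whether the restriction works.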