:5002 {
    @cors_preflight method OPTIONS

    header {
             Access-Control-Allow-Origin "{header.origin}"
             Vary Origin
             Access-Control-Expose-Headers "*"
             +Access-Control-Allow-Headers "*"
             +Access-Control-Allow-Headers "Authorization,Content-Type,Accept,User-Agent"
             Access-Control-Allow-Credentials "true"
    }

    handle @cors_preflight {
             header {
                     Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
                     Access-Control-Max-Age "3600"
             }
             respond "" 204
    }

    reverse_proxy host.docker.internal:5001
}