diff --git a/Dockerfile b/Dockerfile
index 731c94c..3c7b3a0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,9 +26,8 @@ ENV PGID=0
 
 # copy binary and prepare data dir.
 COPY --from=builder /app/bin/* /usr/bin/
-VOLUME [ "/data" ]
 
-EXPOSE 3000
+EXPOSE 3001/tcp
 
 USER ${PUID}:${PGID}
 
diff --git a/nodes/hostd.go b/nodes/hostd.go
index ac555ad..b3a9529 100644
--- a/nodes/hostd.go
+++ b/nodes/hostd.go
@@ -217,7 +217,14 @@ func (m *Manager) StartHostd(ctx context.Context, ready chan<- struct{}) error {
 
 	server := http.Server{
 		Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if strings.HasPrefix(r.URL.Path, "/api") {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Allow-Methods", "*")
+			w.Header().Set("Access-Control-Allow-Headers", "*")
+			w.Header().Set("Access-Control-Expose-Headers", "*")
+			if r.Method == http.MethodOptions {
+				w.WriteHeader(http.StatusNoContent)
+				return
+			} else if strings.HasPrefix(r.URL.Path, "/api") {
 				r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api")
 				api.ServeHTTP(w, r)
 				return
diff --git a/nodes/renterd.go b/nodes/renterd.go
index daaf610..a25f1e6 100644
--- a/nodes/renterd.go
+++ b/nodes/renterd.go
@@ -165,7 +165,14 @@ func (m *Manager) StartRenterd(ctx context.Context, ready chan<- struct{}) error
 	var workerHandler, busHandler, autopilotHandler http.Handler
 	server := &http.Server{
 		Handler: jape.BasicAuth("sia is cool")(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if strings.HasPrefix(r.URL.Path, "/api/worker") {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Allow-Methods", "*")
+			w.Header().Set("Access-Control-Allow-Headers", "*")
+			w.Header().Set("Access-Control-Expose-Headers", "*")
+			if r.Method == http.MethodOptions {
+				w.WriteHeader(http.StatusNoContent)
+				return
+			} else if strings.HasPrefix(r.URL.Path, "/api/worker") {
 				r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api/worker")
 				workerHandler.ServeHTTP(w, r)
 				return
diff --git a/nodes/walletd.go b/nodes/walletd.go
index 86aa28d..51d1d51 100644
--- a/nodes/walletd.go
+++ b/nodes/walletd.go
@@ -112,7 +112,14 @@ func (m *Manager) StartWalletd(ctx context.Context, ready chan<- struct{}) error
 	api := jape.BasicAuth("sia is cool")(api.NewServer(cm, s, wm, api.WithLogger(log.Named("api"))))
 	server := &http.Server{
 		Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if strings.HasPrefix(r.URL.Path, "/api/") {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Allow-Methods", "*")
+			w.Header().Set("Access-Control-Allow-Headers", "*")
+			w.Header().Set("Access-Control-Expose-Headers", "*")
+			if r.Method == http.MethodOptions {
+				w.WriteHeader(http.StatusNoContent)
+				return
+			} else if strings.HasPrefix(r.URL.Path, "/api/") {
 				r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api")
 				api.ServeHTTP(w, r)
 				return