diff --git a/tools/cors_proxy/Dockerfile b/tools/cors_proxy/Dockerfile
new file mode 100644
index 00000000..8060c8a1
--- /dev/null
+++ b/tools/cors_proxy/Dockerfile
@@ -0,0 +1,6 @@
+FROM nginx:alpine
+
+WORKDIR /etc/nginx
+COPY ./nginx.conf ./conf.d/default.conf
+ENTRYPOINT [ "nginx" ]
+CMD [ "-g", "daemon off;" ]
diff --git a/tools/cors_proxy/README.md b/tools/cors_proxy/README.md
new file mode 100644
index 00000000..4c43a9b4
--- /dev/null
+++ b/tools/cors_proxy/README.md
@@ -0,0 +1,27 @@
+# CORS NGINX Docker Proxy
+
+## What is this?
+
+This is a simple [NGINX](https://www.nginx.com/) docker server to
+append [CORS headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) to HTTP responses from a GoPro camera.
+This proxy accepts input on port 80 and forwards it to `http:10.5.5.9:8080`
+
+## How do I use it?
+
+It is intended to be run using the `docker-compose.yml` here via:
+
+```
+docker compose up
+```
+
+Once running, an HTTP-connected-GoPro can be communicated with by replacing the default `10.5.5.9:8080` with
+`localhost:8082`. For example you can get the state via:
+
+```
+curl http://localhost:8082/gopro/camera/state
+```
+
+## Future work
+
+- [ ] Allow the camera IP and port to be set at run-time
+- [ ] Add camera HTTPS support
diff --git a/tools/cors_proxy/docker-compose.yml b/tools/cors_proxy/docker-compose.yml
new file mode 100644
index 00000000..1795e010
--- /dev/null
+++ b/tools/cors_proxy/docker-compose.yml
@@ -0,0 +1,7 @@
+services:
+    cors_proxy:
+        container_name: cors_proxy
+        build:
+            context: .
+        image: tcamise/gopro-cors-proxy
+        ports: ['8082:80']
diff --git a/tools/cors_proxy/nginx.conf b/tools/cors_proxy/nginx.conf
new file mode 100644
index 00000000..a43d3734
--- /dev/null
+++ b/tools/cors_proxy/nginx.conf
@@ -0,0 +1,32 @@
+upstream api {
+  server 10.5.5.9:8080;
+}
+
+server {
+  listen 80;
+  server_name localhost;
+
+  add_header 'Access-Control-Allow-Origin' '*' always;
+  add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,
+  X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range' always;
+  add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
+
+  location / {
+
+    if ($request_method = 'OPTIONS') {
+      add_header 'Access-Control-Max-Age' 1728000 always;
+      add_header 'Access-Control-Allow-Origin' '*' always;
+      add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,
+      X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range' always;
+      add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
+      return 204;
+    }
+
+    add_header 'Access-Control-Allow-Origin' '*' always;
+    add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,
+    X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range' always;
+    add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
+
+    proxy_pass  http://10.5.5.9:8080/;
+  }
+}
\ No newline at end of file