diff --git a/bin/amd64/caddy b/bin/amd64/caddy
new file mode 100755
index 0000000..0e20c8f
Binary files /dev/null and b/bin/amd64/caddy differ
diff --git a/bin/arm64/caddy b/bin/arm64/caddy
new file mode 100644
index 0000000..42259cc
Binary files /dev/null and b/bin/arm64/caddy differ
diff --git a/caddy b/caddy
new file mode 120000
index 0000000..b5003b5
--- /dev/null
+++ b/caddy
@@ -0,0 +1 @@
+/opt/caddy/bin/arm64/caddy
\ No newline at end of file
diff --git a/conf/caddy.conf b/conf/caddy.conf
new file mode 100644
index 0000000..8fe9ab6
--- /dev/null
+++ b/conf/caddy.conf
@@ -0,0 +1,22 @@
+#!/bin/bash
+(r53) {
+ tls {
+ dns lego_deprecated route53
+ }
+}
+# Main http/https redirect for anything arriving on port 80/http
+*.kebler.net:80 {
+ redir https://{label1}.kebler.net{uri}
+}
+
+# Git Server
+https://git.238.kebler.net {
+ import r53
+ reverse_proxy http://nas.kebler.net:3000
+ }
+
+# Home Assistant Server
+https://ha.238.kebler.net {
+ import r53
+ reverse_proxy /* hassio.kebler.net:8123
+ }
diff --git a/env/.gitignore b/env/.gitignore
new file mode 100644
index 0000000..5f614e6
--- /dev/null
+++ b/env/.gitignore
@@ -0,0 +1,2 @@
+/AWS
+/aws.sh
diff --git a/filter/GeoLite2-Country.mmdb b/filter/GeoLite2-Country.mmdb
new file mode 100644
index 0000000..8df6af2
Binary files /dev/null and b/filter/GeoLite2-Country.mmdb differ
diff --git a/scripts/arch b/scripts/arch
new file mode 100755
index 0000000..271ff9d
--- /dev/null
+++ b/scripts/arch
@@ -0,0 +1,6 @@
+#!/bin/bash
+ARCH=${1:-amd64}
+DIR=$(dirname "$(dirname "$(readlink -f "$0")")") || exit
+echo Making Link to $ARCH binary in $DIR/bin/$ARCH/caddy
+rm $DIR/caddy
+ln -s $DIR/bin/$ARCH/caddy $DIR/caddy
diff --git a/scripts/convert b/scripts/convert
new file mode 100755
index 0000000..f677539
--- /dev/null
+++ b/scripts/convert
@@ -0,0 +1,2 @@
+#!/bin/bash
+/opt/caddy/caddy adapt --config /opt/caddy/caddy.conf --adapter caddyfile > caddy.json
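Review bot: The `caddy` symlink targets `/opt/caddy/bin/arm64/caddy`, but that binary is added in this same commit with mode 100644 (only `bin/amd64/caddy` is 100755), so on a fresh checkout the link target is not executable; `git update-index --chmod=+x bin/arm64/caddy` would fix the recorded mode. The absolute target also resolves only when the tree lives at /opt/caddy. Both prebuilt binaries arrive without a recorded version or checksum, so nobody reading the history can tell which Caddy build and plugin set is being trusted; a `bin/SHA256SUMS` file plus a note on how the binaries were built would make that verifiable.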
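Review bot: In conf/caddy.conf the `*.kebler.net:80` block stands in for exactly one host label, while both sites declared below it are two labels deep (`git.238.kebler.net`, `ha.238.kebler.net`), so as far as this file shows the redirect never applies to them, and hosts it does match are sent to an https name that has no site block here. If a catch-all is wanted for the real sites, naming them is clearer, e.g. `http://git.238.kebler.net, http://ha.238.kebler.net { redir https://{host}{uri} }`; Caddy's automatic HTTP redirect may already cover this. The `#!/bin/bash` first line is only a comment to Caddy but wrongly suggests the file is a script and should be dropped.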
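Review bot: scripts/arch removes the working `caddy` link before checking that a binary exists for the requested architecture, so a typo in `$1` leaves a dangling link and no runnable server. Check first with `[[ -x "$DIR/bin/$ARCH/caddy" ]] || { echo "no binary for $ARCH" >&2; exit 1; }` and then replace the link in one step with `ln -sfn -- "$DIR/bin/$ARCH/caddy" "$DIR/caddy"`. All `$DIR`/`$ARCH` expansions in the `echo`, `rm` and `ln` lines are unquoted and will split on whitespace in the path.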
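Review bot: scripts/convert reads `--config /opt/caddy/caddy.conf`, but this commit adds the Caddyfile at `conf/caddy.conf` and both scripts/run and systemd/caddy.service use `/opt/caddy/conf/caddy.conf`, so the adapt step looks like it points at a file that does not exist. The path should be `/opt/caddy/conf/caddy.conf`. The output `caddy.json` is written to whatever the current directory is; an explicit path would make the result predictable.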
diff --git a/scripts/deploy b/scripts/deploy
new file mode 100755
index 0000000..ee0fdb5
--- /dev/null
+++ b/scripts/deploy
@@ -0,0 +1,4 @@
+#!/bin/bash
+HOST=${1:-rrock64}
+# run as root
+sudo rsync -chavzP -e 'ssh -p22 -i /home/david/.ssh/privatekeys/sysadmin.kebler.net' /opt/caddy/ root@${HOST}:/opt/caddy
diff --git a/scripts/mkuser b/scripts/mkuser
new file mode 100755
index 0000000..917eae8
--- /dev/null
+++ b/scripts/mkuser
@@ -0,0 +1,20 @@
+#!/bin/bash
+#!/bin/bash
+sudo userdel caddy
+sudo groupadd caddy
+sudo groupmod --gid 937 caddy
+sudo useradd --system \
+ -m \
+ --uid 937 \
+ --gid caddy \
+ --create-home \
+ --home-dir /opt/caddy \
+ --shell /bin/bash \
+ --comment "Caddy web server" \
+ caddy
+sudo passwd caddy
+sudo chown caddy:caddy -R /opt/caddy
+sudo usermod -a -G caddy sysadmin
+sudo chmod g+rw -R /opt/caddy
+cat /etc/passwd | grep caddy
+cat /etc/passwd | grep sysadmin
diff --git a/scripts/run b/scripts/run
new file mode 100755
index 0000000..7da98d3
--- /dev/null
+++ b/scripts/run
@@ -0,0 +1,5 @@
+#!/bin/bash
+# one off run command for testing without systemd
+source /opt/caddy/env/aws.sh
+sudo -E /usr/bin/env | grep AWS
+sudo -E /opt/caddy/caddy run --config /opt/caddy/conf/caddy.conf --adapter caddyfile
diff --git a/scripts/stop b/scripts/stop
new file mode 100755
index 0000000..b645b64
--- /dev/null
+++ b/scripts/stop
@@ -0,0 +1,2 @@
+#!/bin/bash
+sudo /opt/caddy/caddy stop
diff --git a/scripts/updatebin b/scripts/updatebin
new file mode 100755
index 0000000..58050f3
--- /dev/null
+++ b/scripts/updatebin
@@ -0,0 +1,6 @@
+#!/bin/bash
+# TODO needs work
+SERVER="download.kebler.net"
+DIR=$(dirname "$(dirname "$(readlink -f "$0")")") || exit
+echo Getting updated binary
+wget
diff --git a/systemd/caddy-api.service b/systemd/caddy-api.service
new file mode 100644
index 0000000..452a8f9
--- /dev/null
+++ b/systemd/caddy-api.service
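Review bot: The rsync in scripts/deploy pushes all of /opt/caddy/ over a direct root SSH login, which includes `env/AWS` and `env/aws.sh` (the files env/.gitignore keeps out of the repository) and any `.git` directory under that path. If the credentials are meant to travel with a deploy, a comment should say so and they should land with owner-only permissions; otherwise add `--exclude=env/AWS --exclude=env/aws.sh --exclude=.git`. `${HOST}` is unquoted, and the identity file under /home/david ties the script to one workstation. A dedicated non-root deploy account on the target would avoid needing root login over SSH at all.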
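Review bot: scripts/mkuser turns the service account into an interactive login (`--shell /bin/bash` plus `sudo passwd caddy`), which a daemon user does not need; a non-login shell such as `--shell /usr/sbin/nologin` and no password keeps the account unusable for sign-in. `chown caddy:caddy -R /opt/caddy` followed by `chmod g+rw -R /opt/caddy` also leaves the server binary, the Caddyfile and, if present, `env/AWS` writable by the very user the server runs as and by the `caddy` group. Root-owned binaries and config, with the credentials file readable only by the service (mode 600 or 640), would limit what a compromised server process can change. The duplicated `#!/bin/bash` line and the redundant `-m`/`--create-home` pair can go, and `getent passwd caddy sysadmin` replaces the two `cat | grep` lines.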
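Review bot: The line `sudo -E /usr/bin/env | grep AWS` in scripts/run prints the full value of every AWS variable, presumably including the secret key sourced from env/aws.sh, to the terminal and to any scrollback or session log. To confirm the variables are set without revealing them, print only the names: `sudo -E /usr/bin/env | grep -o '^AWS[^=]*'`. The test run also starts Caddy as root with the caller's whole environment via `sudo -E`, which is a different privilege level from the `User=caddy` unit and can leave root-owned state behind in the tree.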
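Review bot: scripts/updatebin ends in a bare `wget` with no URL, so it fails as committed, and `SERVER` and `DIR` are assigned but never used. When the TODO is filled in, the script will replace a root-started executable, so it should fetch over https, download to a temporary file, verify a published checksum or signature, and only then move the file into `$DIR/bin/<arch>/`. Until then a comment stating that the script is a non-functional stub, or leaving it out of the commit, would avoid someone running it by mistake.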
@@ -0,0 +1,25 @@
+# caddy-api.service
+#
+# For using Caddy with its API.
+#
+# This unit is "durable" in that it will automatically resume
+# the last active configuration if the service is restarted.
+
+[Unit]
+Description=Caddy
+Documentation=https://caddyserver.com/docs/
+After=network.target
+
+[Service]
+User=caddy
+Group=caddy
+ExecStart=/usr/bin/caddy run --environ --resume
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd/caddy.service b/systemd/caddy.service
new file mode 100644
index 0000000..00de363
--- /dev/null
+++ b/systemd/caddy.service
@@ -0,0 +1,34 @@
+# caddy.service
+#
+# For using Caddy with a config file.
+#
+# Make sure the ExecStart and ExecReload commands are correct
+# for your installation.
+#
+# WARNING: This service does not use the --resume flag, so if you
+# use the API to make changes, they will be overwritten by the
+# Caddyfile next time the service is restarted. If you intend to
+# use Caddy's API to configure it, add the --resume flag to the
+# `caddy run` command or use the caddy-api.service file instead.
+
+[Unit]
+Description=Caddy
+Documentation=https://caddyserver.com/docs/
+After=network.target
+
+[Service]
+User=caddy
+Group=caddy
+EnvironmentFile=/opt/caddy/env/AWS
+WorkingDirectory=/opt/caddy
+ExecStart=/opt/caddy/caddy run --environ --config /opt/caddy/conf/caddy.conf --adapter=caddyfile
+ExecReload=/opt/caddy/caddy reload --config /opt/caddy/conf/caddy.conf --adapter=caddyfile
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd/install b/systemd/install
new file mode 100755
index 0000000..6607240
--- /dev/null
+++ b/systemd/install
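Review bot: `ExecStart=/usr/bin/caddy run --environ --resume` in systemd/caddy-api.service points at a path nothing in this commit installs; every other file uses `/opt/caddy/caddy`. The unit also lacks the `EnvironmentFile=` and `WorkingDirectory=` lines that caddy.service carries, so the route53 DNS challenge would presumably run without credentials. Either align it with caddy.service (`ExecStart=/opt/caddy/caddy run --resume`) or add a header comment saying it is an unmodified upstream sample that systemd/install does not link.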
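Review bot: `ExecStart` in systemd/caddy.service passes `--environ`, which makes Caddy print its environment at startup, and the unit loads `EnvironmentFile=/opt/caddy/env/AWS`; assuming that file holds the route53 access key and secret, they are written to the journal on every start and shown again by systemd/log and systemd/stop. Dropping the flag avoids this: `ExecStart=/opt/caddy/caddy run --config /opt/caddy/conf/caddy.conf --adapter=caddyfile`. The same flag is on the ExecStart line of caddy-api.service. Since the service only needs to bind low ports, `CapabilityBoundingSet=CAP_NET_BIND_SERVICE` and `NoNewPrivileges=true` beside the existing `AmbientCapabilities=` line would tighten the sandbox without changing behaviour.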
@@ -0,0 +1,5 @@
+#!/bin/bash
+# makes link to this service file
+DIR="$(dirname "$(readlink -f "$0")")"
+sudo rm /etc/systemd/system/caddy.service
+sudo ln -s $DIR/caddy.service /etc/systemd/system/
diff --git a/systemd/log b/systemd/log
new file mode 100755
index 0000000..49d5d65
--- /dev/null
+++ b/systemd/log
@@ -0,0 +1,3 @@
+#!/bin/bash
+sudo journalctl --unit=caddy.service -n 50 --no-pager
+exit 1
diff --git a/systemd/persist b/systemd/persist
new file mode 100644
index 0000000..19a992f
--- /dev/null
+++ b/systemd/persist
@@ -0,0 +1,2 @@
+#!/bin/bash
+sudo systemctl enable caddy
diff --git a/systemd/start b/systemd/start
new file mode 100755
index 0000000..06f1119
--- /dev/null
+++ b/systemd/start
@@ -0,0 +1,5 @@
+#!/bin/bash
+sudo systemctl daemon-reload
+sudo systemctl stop caddy
+sudo systemctl start caddy
+sudo systemctl status caddy
diff --git a/systemd/stop b/systemd/stop
new file mode 100755
index 0000000..4fc99f3
--- /dev/null
+++ b/systemd/stop
@@ -0,0 +1,4 @@
+#!/bin/bash
+sudo systemctl stop caddy
+sudo systemctl status caddy
+sudo journalctl --unit=caddy.service -n 100 --no-pager
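Review bot: systemd/install symlinks `/etc/systemd/system/caddy.service` to the copy inside the checkout, and scripts/mkuser makes everything under /opt/caddy owned by `caddy` and group-writable, so the unit definition that systemd loads as root can be edited by the unprivileged service account and by members of the `caddy` group. Installing a root-owned copy removes that path: `sudo install -m 644 -o root -g root "$DIR/caddy.service" /etc/systemd/system/caddy.service`. As written, `$DIR` is also unquoted in the `ln` line, and `sudo rm` fails noisily when the unit is not yet installed.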
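Review bot: The unconditional `exit 1` at the end of systemd/log makes the script report failure even when `journalctl` succeeds, which breaks use from other scripts or `&&` chains. Drop the line so the script returns journalctl's own status.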