diff --git a/.gitignore b/.gitignore
index dabb148..ebbcadd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,5 @@
 env/
 conf/
 user/
-caddy
 build/
 user/
diff --git a/scripts/caddy b/scripts/caddy
new file mode 100755
index 0000000..97b06d1
--- /dev/null
+++ b/scripts/caddy
@@ -0,0 +1,28 @@
+#!/bin/bash
+SDIR=$(dirname "$(readlink -f "$0")") || exit
+DIR=$(dirname "$SDIR") || exit
+source $SDIR/library
+CONF=$DIR/conf/${1:-caddy}.conf
+get-caddy-name # this sets $CADDY_BIN
+BIN=$DIR/bin/$CADDY_BIN
+echo running caddy $BIN
+[ ! -f "$BIN" ] && echo binary file $BIN does not exist && exit 1
+[ ! -x "$BIN" ] && echo binary file $BIN is not executable && exit 1
+[ ! -f "$CONF" ] && echo no configuration file $CONF && exit 1
+if [ $INVOCATION_ID ]; then
+echo running under systemd service
+else
+  CAP="cap_net_bind_service+eip"
+  ISSET=$(getcap $BIN | grep $CAP )
+  echo before $ISSET
+  if [ ! "$ISSET" ]; then
+  echo binary not set for binding port 80 by non-root users, attempting to set
+  sudo setcap $CAP $BIN
+  ISSET=$(getcap $BIN | grep $CAP)
+  echo after $ISSET
+  [ ! "$ISSET" ] && echo unable to set port binding && exit 1
+fi
+fi
+echo $BIN run --config $CONF --adapter caddyfile
+set-env $DIR/env
+su -c "for f in $DIR/env/*.env; do source $f; done && $BIN run --config $CONF --adapter caddyfile" - caddy