docs: Add comprehensive add-package guide and update documentation index

Copilot · fabriziosalmi · Copilot · commit 1e6dd5d09c98 · 2026-01-06T10:34:12.000Z
Co-authored-by: fabriziosalmi &lt;1569108+fabriziosalmi@users.noreply.github.com&gt;
diff --git a/README.md b/README.md
@@ -176,19 +176,20 @@ For complete documentation, including configuration options, rule format details
 ### 📑 Table of Contents
 
 1.  [**Installation**](docs/installation.md) - *Instructions for installing the Caddy WAF middleware.*
-2.  [**Configuration Options**](docs/configuration.md) - *Detailed explanation of all available configuration settings.*
-3.  [**Rules Format (`rules.json`)**](docs/rules.md) - *A comprehensive guide to defining custom rules using the JSON format.*
-4.  [**Blacklist Formats**](docs/blacklists.md) - *Documentation of the formats used for defining IP and DNS blacklists.*
-5.   [**Rate Limiting**](docs/ratelimit.md) - *How to configure rate limiting, including parameters and usage.*
-6.  [**Country Blocking and Whitelisting**](docs/geoblocking.md) - *Details on how to configure country-based blocking and whitelisting.*
-7.  [**Protected Attack Types**](docs/attacks.md) - *An overview of the wide range of web-based threats that the Caddy WAF is designed to protect against.*
-8.  [**Dynamic Updates**](docs/dynamicupdates.md) - *How to dynamically update the WAF rules and other settings without downtime.*
-9.  [**Metrics**](docs/metrics.md) - *Details about the WAF's metrics endpoint and the different metrics collected.*
-10. [**Prometheus Metrics**](docs/prometheus.md) - *Instructions on how to expose WAF metrics using the Prometheus format.*
-11. [**ELK Observability**](https://github.com/fabriziosalmi/caddy-waf/blob/main/docs/caddy-waf-elk.md) - *Instructions on how to configure caddy-waf ELK stack observability.*
-12. [**Rule/Blacklist Population Scripts**](docs/scripts.md) - *Documentation on the provided scripts to automatically fetch, update and generate rules and blacklists.*
-13. [**Testing**](docs/testing.md) - *Guidance on how to test the WAF's effectiveness using the provided testing tools.*
-14.  [**Docker Support**](docs/docker.md) - *Instructions on how to build and run the WAF using Docker.*
+2.  [**Using `caddy add-package`**](docs/add-package-guide.md) - *Quick guide for installing with the `caddy add-package` command.*
+3.  [**Configuration Options**](docs/configuration.md) - *Detailed explanation of all available configuration settings.*
+4.  [**Rules Format (`rules.json`)**](docs/rules.md) - *A comprehensive guide to defining custom rules using the JSON format.*
+5.  [**Blacklist Formats**](docs/blacklists.md) - *Documentation of the formats used for defining IP and DNS blacklists.*
+6.   [**Rate Limiting**](docs/ratelimit.md) - *How to configure rate limiting, including parameters and usage.*
+7.  [**Country Blocking and Whitelisting**](docs/geoblocking.md) - *Details on how to configure country-based blocking and whitelisting.*
+8.  [**Protected Attack Types**](docs/attacks.md) - *An overview of the wide range of web-based threats that the Caddy WAF is designed to protect against.*
+9.  [**Dynamic Updates**](docs/dynamicupdates.md) - *How to dynamically update the WAF rules and other settings without downtime.*
+10.  [**Metrics**](docs/metrics.md) - *Details about the WAF's metrics endpoint and the different metrics collected.*
+11. [**Prometheus Metrics**](docs/prometheus.md) - *Instructions on how to expose WAF metrics using the Prometheus format.*
+12. [**ELK Observability**](https://github.com/fabriziosalmi/caddy-waf/blob/main/docs/caddy-waf-elk.md) - *Instructions on how to configure caddy-waf ELK stack observability.*
+13. [**Rule/Blacklist Population Scripts**](docs/scripts.md) - *Documentation on the provided scripts to automatically fetch, update and generate rules and blacklists.*
+14. [**Testing**](docs/testing.md) - *Guidance on how to test the WAF's effectiveness using the provided testing tools.*
+15.  [**Docker Support**](docs/docker.md) - *Instructions on how to build and run the WAF using Docker.*
 
 ---
 
diff --git a/docs/README.md b/docs/README.md
@@ -8,8 +8,9 @@ This documentation provides everything you need to deploy and manage the Caddy W
 
 ### 🚀 Getting Started
 
-1.  **[Introduction](introduction.md)** - *Overview of the Caddy WAF, its purpose, and key benefits.
+1.  **[Introduction](introduction.md)** - *Overview of the Caddy WAF, its purpose, and key benefits.*
 2.  **[Installation](installation.md)** - *Instructions for installing the Caddy WAF middleware.* 
+3.  **[Using caddy add-package](add-package-guide.md)** - *Quick guide for installing with the `caddy add-package` command.* 
 
 ### ⚙️ Core Configuration
 
diff --git a/docs/add-package-guide.md b/docs/add-package-guide.md
@@ -0,0 +1,181 @@
+# Using `caddy add-package` to Install Caddy WAF
+
+This guide demonstrates how to install the Caddy WAF module using Caddy's built-in `caddy add-package` command.
+
+## Prerequisites
+
+- Caddy v2.7 or higher already installed on your system
+- Internet connection (to download the custom binary)
+- Appropriate permissions to replace the Caddy binary
+
+## Quick Installation
+
+To add the Caddy WAF module to your existing Caddy installation:
+
+```bash
+caddy add-package github.com/fabriziosalmi/caddy-waf
+```
+
+That's it! The command will:
+1. Detect your current Caddy installation and modules
+2. Send a build request to Caddy's remote build service
+3. Download a new binary with the WAF module included
+4. Backup your current Caddy binary
+5. Replace the binary with the new one
+
+## Verification
+
+After installation, verify the module is loaded:
+
+```bash
+caddy list-modules | grep waf
+```
+
+Expected output:
+```
+http.handlers.waf
+```
+
+You can also check the full list of modules:
+```bash
+caddy list-modules --packages
+```
+
+## Usage Example
+
+Once installed, you can use the WAF module in your Caddyfile:
+
+```caddyfile
+{
+    auto_https off
+    admin localhost:2019
+}
+
+:8080 {
+    log {
+        output stdout
+        format console
+        level INFO
+    }
+
+    route {
+        waf {
+            metrics_endpoint /waf_metrics
+            rule_file rules.json
+            ip_blacklist_file ip_blacklist.txt
+            dns_blacklist_file dns_blacklist.txt
+            anomaly_threshold 10
+            
+            rate_limit {
+                requests 100
+                window 60s
+                cleanup_interval 300s
+            }
+        }
+
+        respond "Hello, World!" 200
+    }
+}
+```
+
+## Advanced Options
+
+### Keep Backup
+
+By default, the command deletes the backup after successful replacement. To keep the backup:
+
+```bash
+caddy add-package --keep-backup github.com/fabriziosalmi/caddy-waf
+```
+
+The backup will be saved as `caddy.backup` in the same directory.
+
+### Version Pinning
+
+To install a specific version of the module:
+
+```bash
+caddy add-package github.com/fabriziosalmi/caddy-waf@v0.1.3
+```
+
+Note: Replace `v0.1.3` with the desired version tag.
+
+## Troubleshooting
+
+### Command Not Found
+
+If the `caddy add-package` command is not available, you may be using an older version of Caddy:
+
+```bash
+caddy version
+```
+
+You need Caddy v2.7 or higher. Update Caddy first:
+
+```bash
+# Using the official install script
+curl https://caddyserver.com/api/download\?os=linux\&arch=amd64 -o caddy
+chmod +x caddy
+sudo mv caddy /usr/local/bin/
+```
+
+### Permission Denied
+
+If you get a permission denied error, run the command with sudo:
+
+```bash
+sudo caddy add-package github.com/fabriziosalmi/caddy-waf
+```
+
+### Build Service Unavailable
+
+If Caddy's remote build service is unavailable, you can build from source instead:
+
+```bash
+# Install xcaddy
+go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
+
+# Build with the module
+xcaddy build --with github.com/fabriziosalmi/caddy-waf
+```
+
+### Module Already Exists
+
+If you get an error that the package already exists, the module is already installed. To update:
+
+```bash
+# Remove the package first
+caddy remove-package github.com/fabriziosalmi/caddy-waf
+
+# Then add it again
+caddy add-package github.com/fabriziosalmi/caddy-waf
+```
+
+## Removing the Module
+
+To remove the Caddy WAF module:
+
+```bash
+caddy remove-package github.com/fabriziosalmi/caddy-waf
+```
+
+## Comparison with Other Installation Methods
+
+| Method | Pros | Cons |
+|--------|------|------|
+| `caddy add-package` | Simple, no build tools needed, keeps existing modules | Requires internet, depends on remote build service |
+| `xcaddy build` | Full control, works offline (after dependencies cached), good for development | Requires Go and build tools, more complex |
+| Quick script | Automated setup with sample configs | Downloads and builds from source, requires build tools |
+
+## Next Steps
+
+- Read the [Configuration Guide](configuration.md) to customize your WAF rules
+- Learn about [Rate Limiting](ratelimit.md) configuration
+- Explore [GeoIP Blocking](geoblocking.md) features
+- Check out the [Metrics](metrics.md) endpoint for monitoring
+
+## References
+
+- [Caddy Command Line Documentation](https://caddyserver.com/docs/command-line)
+- [Caddy Module System](https://caddyserver.com/docs/extending-caddy)
+- [xcaddy Build Tool](https://github.com/caddyserver/xcaddy)
