Are there any plans to add authentication for the HTTP API when running in TCP mode? It looks like the Unix socket mode relies on system-level permissions (which is great), but TCP mode seems wide open unless wrapped externally (e.g. behind a reverse proxy or firewall).
good question. I'm not planning to add authentication logic that can increase the complexity of the app. the reason behind suggesting to use unix domain socket is that a proxy like caddy can handle authentication & tls for wghttp as you said. I will share a simple caddyfile in readme soon.