
Use openvpn client on a docker container


I'm trying to make a docker container which uses OpenVPN to connect to my Private Internet Access VPN and to download some data from a web server, but when I try to connect to PIA I get an error:

2022-12-07 12:08:03 [oslo403] Peer Connection Initiated with [AF_INET]**.***.***.***:1198
2022-12-07 12:08:03 sitnl_send: rtnl: generic error (-101): Network unreachable
2022-12-07 12:08:03 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
2022-12-07 12:08:03 Exiting due to fatal error

I've tried to create a /dev/net/tun device manually:

RUN mkdir -p /dev/net && mknod /dev/net/tun c 10 200 && chmod 600 /dev/net/tun

But then I get this error:

2022-12-07 12:12:35 sitnl_send: rtnl: generic error (-101): Network unreachable
2022-12-07 12:12:35 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
2022-12-07 12:12:35 Exiting due to fatal error

Everything is running as root so that is not the issue.

Here is my complete Dockerfile:

FROM alpine

RUN apk update && apk add bash openvpn wget unzip

# This section downloads PIA's configuration and adds login information to it. 
RUN mkdir /vpn
RUN echo "********" > /vpn/login.txt
RUN echo "********" >> /vpn/login.txt
RUN wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
RUN unzip openvpn.zip -d /vpn
RUN sed -i "s/auth-user-pass/auth-user-pass \/vpn\/login.txt/" /vpn/*

# Here is my attempted fix for the problem
RUN mkdir -p /dev/net && mknod /dev/net/tun c 10 200 && chmod 600 /dev/net/tun

ENTRYPOINT [ "openvpn", "/vpn/norway.ovpn" ]

I would love some help with this. Really all I want is an example where you use openvpn with docker to, for example, curl api.ipify.org.


Solution

  • You need to add this argument to the docker command:

    --cap-add=NET_ADMIN 
    

    Network changes done by OpenVPN require extra permissions provided by the NET_ADMIN capability.
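
A triage helper for the two fatal errors quoted in the question, as an added example that is not part of the original question or answer: it maps each OpenVPN log line to the `docker run` option whose absence causes it and prints the resulting command. The image name `vpn-client`, the function names and the sample log are assumptions constructed here; `--device=/dev/net/tun` is Docker's option for exposing the host's TUN device and goes beyond the single flag given in the answer.

```shell
#!/bin/sh
# Added example. Image name "vpn-client" and SAMPLE_LOG are constructed.

# Map one OpenVPN log line to the docker run option whose absence causes it.
diagnose() {
  case "$1" in
    *"Cannot open TUN/TAP dev /dev/net/tun"*"errno=2"*)
      echo "--device=/dev/net/tun" ;;  # no TUN device node in the container
    *"Cannot ioctl TUNSETIFF"*"errno=1"*)
      echo "--cap-add=NET_ADMIN" ;;    # node opens, but CAP_NET_ADMIN is missing
    *) : ;;                            # not a privilege-related failure
  esac
}

# Read a whole log on stdin; print each required option once, in log order.
required_opts() {
  _acc=""
  while IFS= read -r _line; do
    _opt=$(diagnose "$_line")
    [ -n "$_opt" ] || continue
    case " $_acc " in
      *" $_opt "*) ;;
      *) _acc="${_acc:+$_acc }$_opt" ;;
    esac
  done
  echo "$_acc"
}

# Build the run command with only the options the log called for.
# --privileged would also work but grants far more than OpenVPN needs.
run_cmd() {
  echo "docker run --rm $1 ${2:-vpn-client}"
}

# Constructed sample: the fatal lines from both runs in the question.
SAMPLE_LOG='2022-12-07 12:08:03 sitnl_send: rtnl: generic error (-101): Network unreachable
2022-12-07 12:08:03 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
2022-12-07 12:12:35 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
2022-12-07 12:12:35 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)'

run_cmd "$(printf '%s\n' "$SAMPLE_LOG" | required_opts)"
```

Granting only NET_ADMIN and the one device keeps the container well below what `--privileged` would allow.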