Tun device is created inside the container, fixes #2

README.md

@@ -46,14 +46,6 @@ Cloudflare **DNS 1.1.1.1 over TLS** is used to connect to any PIA server for mul
 
 ## Setup
 
-1. Run the [**tun.sh**](https://raw.githubusercontent.com/qdm12/private-internet-access-docker/master/tun.sh) script on your host machine to ensure you have the `/dev/tun` device setup
-
-    ```bash
-    wget https://raw.githubusercontent.com/qdm12/private-internet-access-docker/master/tun.sh
-    sudo chmod +x tun.sh
-    ./tun.sh
-    ```
-    
 1. Create a network to be used by this container and other containers connecting to it with:
 
     ```bash
@@ -70,8 +62,7 @@ Cloudflare **DNS 1.1.1.1 over TLS** is used to connect to any PIA server for mul
 
     ```bash
     docker run -d --restart=always --name=pia --cap-add=NET_ADMIN \
-    --device=/dev/net/tun --network=pianet \
-    -v /yourhostpath/auth.conf:/auth.conf:ro \
+    --network=pianet -v /yourhostpath/auth.conf:/auth.conf:ro \
     -e REGION=Germany -e PROTOCOL=udp -e ENCRYPTION=normal \
     qmcgaw/private-internet-access
     ```

entrypoint.sh

@@ -7,6 +7,10 @@ echo "nameserver 127.0.0.1" > /etc/resolv.conf
 echo "options ndots:0" >> /etc/resolv.conf
 printf "DONE\nStarting Unbound to connect to Cloudflare DNS 1.1.1.1 at its TLS endpoint..."
 unbound
+printf "DONE\nCreating TUN device..."
+mkdir -p /dev/net
+mknod /dev/net/tun c 10 200
+chmod 600 /dev/net/tun
 printf "DONE\nStarting OpenVPN using $PROTOCOL with $ENCRYPTION encryption\n"
 cd /openvpn-$PROTOCOL-$ENCRYPTION
 openvpn --config "$REGION.ovpn" --auth-user-pass /auth.conf

tun.sh

@@ -1,11 +0,0 @@
-#!/bin/sh
-
-if ( [ ! -c /dev/net/tun ] ); then
-    if ( [ ! -d /dev/net ] ); then
-        mkdir -m 755 /dev/net
-    fi
-    mknod /dev/net/tun c 10 200
-fi
-if ( !(lsmod | grep -q "^tun\s") ); then
-    insmod /lib/modules/tun.ko
-fi