Reverted back to creating tun device manually

README.md

@@ -46,6 +46,14 @@ Cloudflare **DNS 1.1.1.1 over TLS** is used to connect to any PIA server for mul
 
 ## Setup
 
+1. Make sure you have your `/dev/net/tun` device setup on your host:
+
+	```bash
+	mkdir -p -m 755 /dev/net
+	mknod /dev/net/tun c 10 200
+	insmod /lib/modules/tun.ko
+	```
+
 1. Create a network to be used by this container and other containers connecting to it with:
 
     ```bash
@@ -61,8 +69,9 @@ Cloudflare **DNS 1.1.1.1 over TLS** is used to connect to any PIA server for mul
 1. Run the container with (at least change `/yourhostpath` to your actual path):
 
     ```bash
-    docker run -d --restart=always --name=pia --cap-add=NET_ADMIN \
-    --network=pianet -v /yourhostpath/auth.conf:/auth.conf:ro \
+    docker run -d --restart=always --name=pia \
+	--cap-add=NET_ADMIN --device=/dev/net/tun --network=pianet \
+	-v /yourhostpath/auth.conf:/auth.conf:ro \
     -e REGION=Germany -e PROTOCOL=udp -e ENCRYPTION=normal \
     qmcgaw/private-internet-access
     ```

docker-compose.yml

@@ -5,6 +5,8 @@ services:
         container_name: pia
         cap_add:
             - NET_ADMIN
+        devices:
+            - /dev/net/tun
         networks:
             - pianet
         volumes:

entrypoint.sh

@@ -7,10 +7,6 @@ echo "nameserver 127.0.0.1" > /etc/resolv.conf
 echo "options ndots:0" >> /etc/resolv.conf
 printf "DONE\nStarting Unbound to connect to Cloudflare DNS 1.1.1.1 at its TLS endpoint..."
 unbound
-printf "DONE\nCreating TUN device..."
-mkdir -p /dev/net
-mknod /dev/net/tun c 10 200
-chmod 600 /dev/net/tun
 printf "DONE\nStarting OpenVPN using $PROTOCOL with $ENCRYPTION encryption\n"
 cd /openvpn-$PROTOCOL-$ENCRYPTION
 openvpn --config "$REGION.ovpn" --auth-user-pass /auth.conf