root@CT123:~# ls -l /dev/net/tun crw-rw-rw- 1 root root 10, 200 Dec 22 12:26 /dev/net/tun
If you see root:root inside the container, it's correct.
Update packages and install openvpn:
root@CT123:~# apt update root@CT123:~# apt dist-upgrade root@CT123:~# apt install openvpn git
You can use this repository for a basic configuration: https://github.com/Nyr/openvpn-install
root@CT123:~# git clone https://github.com/Nyr/openvpn-install root@CT123:~# cd openvpn-install root@CT123:~# bash openvpn-install.sh
Answer the setup wizard questions according to your setup. At the end you should receive a message like this:
Finished! The client configuration is available in: /root/client.ovpn New clients can be added by running this script again.
If everything worked, then the service should be started and enabled by the setup script.
Verify service is working:
root@CT123:~# systemctl | grep openvpn openvpn-iptables.service loaded active exited openvpn-iptables.service openvpn-server@server.service loaded active running OpenVPN service for server system-openvpn\x2dserver.slice loaded active active system-openvpn\x2dserver.slice root@CT123:~# ps aux | grep vpn nobody 136 0.0 1.3 11780 6844 ? Ss 14:41 0:00 /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf
Congratulations! You now have an unprivileged Debian container running OpenVPN!