I have an LXD container, and I’m running docker into it. I set up a docker container based on jsloan117/docker-openvpn-client image that was working ok in docker installed in host.

I’m getting

ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
as part of the container log.

I’ve followed instructions in OpenVPN in LXD Container · GitHub that seems to give the needed capabilities to the container and sharing the hosts tun device:

On the host

=============

lxc config set openvpn raw.lxc ‘lxc.cgroup.devices.allow = c 10:200 rwm’
lxc config device add openvpn tun unix-char path=/dev/net/tun

In the container

==================

1. mknod /dev/net/tun c 10 200

Here I obtain
mknod: /dev/net/tun: File exists
that I supose is ok,

2. install OpenVPN (GitHub - Nyr/openvpn-install: OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora or manual)
3. edit /lib/systemd/system/openvpn@.service – comment out/remove LimitNPROC=10
4. systemctl daemon-reload or reboot container

Skiped 2 and 3 (if this is needed, how to do it in my setup?), but launch the docker container into de LXD container, with a known working configuration, and then restart the LXD container. And I keep getting the error.

What can be done to get this working?

EDIT:
The part of the YAML for docker-compose

  ovpn-client:
    image: jsloan117/docker-openvpn-client
    container_name: ovpn-client
    cap_add:
      - NET_ADMIN
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
    environment:
      - OPENVPN_PROVIDER=xxxxxxx
      - OPENVPN_CONFIG=xxxxxx
      - OPENVPN_USERNAME=xxxxxx
      - OPENVPN_PASSWORD=xxxxxxx
      - LOCAL_NETWORK=192.168.5.0/24,192.168.100.0/24,10.4.0.0/24,10.6.0.0/24,10.8.0.0/24
      - PUID=0
      - PGID=0
    restart: unless-stopped

Fixed it adding the “device” clause in the YAML. I didn’t need it outside the container, but I NEED it inside it
So you need to add

    devices:
      - /dev/net/tun