diff --git a/public/v4/apps/openvpn-as.yml b/public/v4/apps/openvpn-as.yml
new file mode 100644
index 0000000..9cfa81d
--- /dev/null
+++ b/public/v4/apps/openvpn-as.yml
@@ -0,0 +1,95 @@
+captainVersion: 4
+services:
+    $$cap_appname:
+        caproverExtra:
+            containerHttpPort: $$cap_OPENVPN_PORT_ADMIN
+        image: linuxserver/openvpn-as:$$cap_OPENVPN_VERSION
+        hostname: $$cap_appname.$$cap_root_domain
+        environment:
+            PUID: $$cap_OPENVPN_PUID
+            PGID: $$cap_OPENVPN_GUID
+            TZ: $$cap_OPENVPN_TZ
+            INTERFACE: $$cap_OPENVPN_INTERFACE
+        volumes:
+            - $$cap_appname:/config
+        ports:
+            - $$cap_OPENVPN_PORT_TCP:$$cap_OPENVPN_PORT_TCP
+            - $$cap_OPENVPN_PORT_UDP:$$cap_OPENVPN_PORT_UDP
+        cap_add:
+            - NET_ADMIN
+
+caproverOneClickApp:
+    displayName: OpenVPN Access Server
+    isOfficial: false
+    description: Full featured secure network tunneling VPN software.
+    documentation: https://openvpn.net/index.php/access-server/overview.html
+    instructions:
+        start: |-
+            OpenVPN is a full featured, open-source VPN solution that accommodates a wide range of configurations.
+
+            **Important notes:**
+            - The provider of this image (LinuxServer) has decided to **deprecate** it in favor of WireGuard
+            - If you are using CapRover version `1.10.1` or older, you will need to **override CapRover's configuration** to use the newer Docker API version `1.4.1` (this can be done manually or by running `echo "{\"dockerApiVersion\":\"v1.41\"}" > /captain/data/config-override.json`)
+            - You need **access via SSH** to your server after deployment to modify a file (only once)
+            - You may need to **open the ports** `1194` and `9443` on your firewall
+        end: |-
+            OpenVPN has been deployed **successfully**!
+
+            Before you can start using it, you need to perform some steps.
+            You only need to do this once.
+            **Please screenshot/copy the following instructions before proceeding:**
+
+            1. Go to the **HTTP Settings** of your deployment `$$cap_appname` here in CapRover
+            2. **Enable HTTPS**
+            3. **Edit Default Nginx Configurations** and search for the line `set $upstream http://<%-s.localDomain%>:<%-s.containerHttpPort%>;` and replace `http://` with `https://`
+            4. Go to **App Configs** and paste the following snippet into **Service Update Override**: `{ "TaskTemplate": { "ContainerSpec": { "CapabilityAdd": ["CAP_NET_ADMIN"], "Hostname": "$$cap_appname.$$cap_root_domain" } } }`
+            5. **Save & Update** and wait a minute
+            6. Go to https://$$cap_appname.$$cap_root_domain/admin and log in using user `admin` and password `password`
+            7. Navigate to **Configuration** > **Network Settings** and replace the value in **Hostname Or IP Address** with `$$cap_appname.$$cap_root_domain` and update the server (if you get an error just refresh the page, log back in to the admin page (`/admin`) and proceed with the next step)
+            8. Navigate to **User Management** > **User Permissions** and add **New Username**, set a password, make it an admin and **Save Settings**.
+            9. Log out and log in as the new user
+            10. Navigate to **User Management** > **User Permissions** and delete the `admin` account
+            11. Access via SSH to your server and execute `docker exec -it $(docker ps --filter name=srv-captain--$$cap_appname -q) sed -i '/boot_pam_users.0=admin/c\boot_pam_users.0=abcnonexistentuserxyz' /config/etc/as.conf` to block the `admin` account and prevent its creation during container restart
+
+            Enjoy your private VPN!
+    variables:
+        - id: $$cap_OPENVPN_VERSION
+          label: General | Version Tag
+          description: Check out their valid tags at https://hub.docker.com/r/linuxserver/openvpn-as/tags
+          defaultValue: 2.9.0-5c5bd120-Ubuntu18-ls124
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_TZ
+          label: General | Timezone
+          description: Timezone for the application, find yours at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+          defaultValue: UTC
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_PUID
+          label: General | User ID
+          description: User ID that the process uses, run `id $user` on your instance to see the ID.
+          defaultValue: 1000
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_GUID
+          label: General | Group ID
+          description: Group ID that the process uses, run `id $user` on your instance to see the ID.
+          defaultValue: 1000
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_PORT_ADMIN
+          label: Networking | Admin GUI Port
+          description: Port of the administration interface. Should not be changed.
+          defaultValue: 943
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_PORT_TCP
+          label: Networking | TCP Port
+          description: Port of the TCP connections. Should not be changed.
+          defaultValue: 9443
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_PORT_UDP
+          label: Networking | UDP Port
+          description: Port of the UDP connections. Should not be changed.
+          defaultValue: 1194
+          validRegex: /.{1,}/
+        - id: $$cap_OPENVPN_INTERFACE
+          label: Networking | Interface
+          description: >-
+              With bridge networking, leave it blank (or enter `eth0`).
+              If `host` or `macvlan`, set it to your host's network interface, found by running `ifconfig`.
diff --git a/public/v4/logos/openvpn-as.png b/public/v4/logos/openvpn-as.png
new file mode 100644
index 0000000..4ec3231
Binary files /dev/null and b/public/v4/logos/openvpn-as.png differ