wg-access-server
Need to add NET_RAW to the capabilities in the helm chart
Currently the NET_ADMIN capability is added as a capability. At least on openSUSE Kubic's Kubernetes, NET_RAW is also required; otherwise you get this:
time="2021-04-02T00:16:53Z" level=info msg="starting wireguard server on 0.0.0.0:51820" file="main.go:85"
time="2021-04-02T00:16:53Z" level=info msg="wireguard VPN network is 10.44.0.0/24" file="main.go:99"
time="2021-04-02T00:16:53Z" level=fatal msg="failed to set ip tables rule: running [/sbin/iptables -t filter -C WG_ACCESS_SERVER_FORWARD -s 10.44.0.0/24 -d 0.0.0.0/0 -j ACCEPT --wait]: exit status 3: iptables v1.8.3 (legacy): can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.\n" file="main.go:102"
Adding NET_RAW fixes this; I'm not precisely sure why this is needed.
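One way to confirm which capability a container is missing when iptables reports "Permission denied" as in the log above is to decode the process's effective capability mask (`CapEff` in `/proc/<pid>/status`). This is an added example, not code from the issue or from the wg-access-server project; the function names are illustrative and the sample masks in the comments are constructed.

```shell
#!/bin/sh
# Added example: decode a Linux capability mask and report whether
# NET_ADMIN and NET_RAW (the two capabilities discussed in this issue)
# are present. Function names are illustrative, not from the project.

# Bit positions as defined in linux/capability.h
CAP_NET_ADMIN=12
CAP_NET_RAW=13

# has_cap MASK_HEX BIT -> succeeds if BIT is set in the hex mask
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# missing_caps MASK_HEX -> prints the names of the capabilities that are
# absent from the mask, space separated (empty output means both are set)
missing_caps() {
    missing=""
    has_cap "$1" "$CAP_NET_ADMIN" || missing="$missing NET_ADMIN"
    has_cap "$1" "$CAP_NET_RAW"   || missing="$missing NET_RAW"
    echo "${missing# }"
}

# current_capeff -> effective capability mask inherited by this shell's
# child processes, as printed in /proc/self/status
current_capeff() {
    awk '/^CapEff:/ {print $2}' /proc/self/status 2>/dev/null
}

# Constructed sample masks for reference:
#   00000000a80425fb  Docker's default set (has NET_RAW, lacks NET_ADMIN)
#   00000000a80415fb  same set with NET_ADMIN added and NET_RAW removed,
#                     i.e. the situation assumed to match this report
#   00000000a80435fb  same set with both capabilities present

# When run inside the container, report on the current process.
mask=$(current_capeff)
if [ -n "$mask" ]; then
    result=$(missing_caps "$mask")
    if [ -n "$result" ]; then
        echo "CapEff=$mask is missing: $result"
    else
        echo "CapEff=$mask has NET_ADMIN and NET_RAW"
    fi
fi
```

Run it in the pod with `kubectl exec`, or pass a `CapEff` value copied from another process to `missing_caps` directly.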