There is nothing in your config that explains how to authenticate you. OpenWrt cannot ask for the username and password interactively, so you need to create a file with them (two lines, the first one is the username, the second one is the password), and provide a path to it via the auth-user-pass option.
I have tested WireGuard with Ivacy, and must say that it is not suitable for the use with OpenWrt. This is because the key must be obtained from their web interface, and is valid for two minutes only. There is nothing in OpenWrt that automates this process.
2 minutes? What a strange restriction.
Even wireguard on a full fledged computer wouldn’t have a method of dealing with that restriction unless they built their own app/wrapper for this purpose. That issue is purely related to the vpn and their unusual key expiration policies. But if that is what they have in place, OpenVPN is clearly the only practical option for that service.
Exactly - they want everyone to use their app, instead of configuring connections manually. I guess that this restriction is related to their IP address allocation strategy - if you do connect (manually) within two minutes, you get a public IP, and the connection works for hours, until disconnected manually. Once you disconnect, this IP becomes someone else's.
The real answer is: to start a VPN you have to
A. mark the one you want to use with a check in the "enabled" box
B. THEN click save & apply.
Simply clicking on "start" does not do it.
Ivacy is really bad about updating anything, all of their tuts are outdated, their Openvpn profiles cause non-fatal errors and warnings from being 10 years old.
But, Ivacy is cheap and serviceable. I don't know what is meant by getting the certificate every 2 minutes. The CA and Wdc are available to download with the profiles.
It works great on my Linksys EA3500 with Openwrt 22.03.