@JW0914 - I feel like this is becoming a hostile conversation and I don't want this to go that route
. Just to be clear, I do think you are giving good advice in general. I'm just reporting my experience and it is possible I have either misunderstood how certain things are happening and/or that I haven't properly described some of the nuances of my config.
For my example, let's start with an assumption that a user has used the LuCI or UCI interface to configure OpenVPN (I think that this would be contrary to your suggestion of using a simple flat file with the directives listed line by line, but this still can work):
- I think (*citation needed -- I can test this later) that the /etc/init.d/openvpn file actually gets modified/replaced when the OpenVPN LuCI app is installed as compared to the version installed when you install OpenVPN initially. (Like I said, I can check this later, but keep reading...)
- When the /etc/init.d/openvpn script runs (when OVPN LuCI app is installed), it looks at /etc/config/openvpn for the config data. If the config data points to a normal flat openvpn config file (scenario A), it will use that (as established earlier). Else, the UCI formatted openvpn file will be parsed and the system will create, at execution time, a standard flat config file for OpenVPN (scenario B)
- /etc/init.d/openvpn then calls the openvpn binary file with either the scenario A config file, or the file it just created as part of scenario B.
Of course /etc/init.d/openvpn is used to call the actual binary file, regardless of the existence of the LuCI app. And it is possible that it is the same script that regardless and that it will ingest the flat file or the UCI file either way.
Now, the LuCI app shows the following fields: Enabled [checkbox], Started [yes/no + PID], Start/Stop [button], Port, Protocol. And it has Edit and Delete buttons, too. Obviously the Enabled checkbox is affecting the UCI file, and the start/stop button hits the /etc/init.d/openvpn [start/stop] script. The started and PID status info comes from the openvpn process itself. Deleting a config would just remove the UCI definitions for that particular config - whatever is under it. All makes sense so far.
As I understand it (and I could be wrong), the port and protocol information are pulled from the UCI formatted /etc/config/openvpn file. This means that if the UCI file references a normal flat file, it may not be able to give the status of those two values (although it will default to UDP 1194 -- I know this for fact because I have some client config files that do this even though they use TCP or another port). And if you hit the Edit button when there is a flat file referenced, I'm actually not sure what it does. In contrast, it is possible (although as you rightly point out, not recommended) to edit essentially any field/directive in the OpenVPN UCI formatted file from the LuCI app.
Meanwhile, to clarify another point I was making -- my OpenVPN config is 100% UCI formatted (location: /etc/config/openvpn), and I do not have a flat file in my system. I cannot directly pass that UCI file as an argument into the /usr/sbin/openvpn executable the way I could with a regular flat OVPN file. However, the /etc/init.d/openvpn script actually does generate the flat file (/tmp/etc/openvpn.conf) and then calls that openvpn.conf config file when it starts /usr/sbin/openvpn.