Hi Tom,
My recommendation (NB it’s not the only way) is that you should never enable openvpn@xxxx.service since there is the real risk of having openvpn@xxxx.service and openvpn@yyyy.service enabled at the same time.
Instead, make the file /etc/default/openvpn your “master switch”. There is an AUTOSTART=“xxxxx” line where you specify which vpn.conf file should run when openvpn.service runs. Using this file keeps things simple and in one location.
One other thing to note WRT openvpn and systemd is that openvpn does not need to be enabled for you to be able to run it manually. Here’s proof:
osmc@osmc:~$ sudo systemctl status openvpn
● openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; disabled)
Active: inactive (dead)
osmc@osmc:~$ sudo systemctl start openvpn
osmc@osmc:~$ sudo systemctl status openvpn
● openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; disabled)
Active: active (exited) since Mon 2017-04-24 21:00:48 CEST; 5s ago
Process: 648 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 648 (code=exited, status=0/SUCCESS)
Apr 24 21:00:48 osmc systemd[1]: Started OpenVPN service.
osmc@osmc:~$ ps -ef|grep [o]penvpn
nobody 650 1 0 21:00 ? 00:00:00 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --config /etc/openvpn/server.conf
I could also have started openvpn@server.service and achieved the same result, since in this case the /etc/default/openvpn contains the line AUTOSTART=“server”, so starting openvpn.service has the same effect.
For me, the main use of enabling / disabling openvpn.service is so that it will / wont run at system startup.