Using friendlytv.site for OpenVPN (same name as the website)
-------------------------------------------------------------
The .ovpn profile uses: remote friendlytv.site 1194

No extra DNS name (e.g. vpn.*) is required if:
  - The web server and OpenVPN run on the SAME machine (same public IP), and
  - DNS for friendlytv.site already points to that IP.

You do not need a new A record unless the VPN server is on a different IP than the site.

Cloudflare (important)
----------------------
OpenVPN uses UDP port 1194. Cloudflare’s HTTP proxy (orange cloud) only handles web traffic.

For the hostname used in "remote" (friendlytv.site):
  - Set the record to DNS only (grey cloud), OR
  - Use a DNS-only A record that points directly to your origin server IP.

If friendlytv.site is orange-cloud proxied, clients may resolve to Cloudflare’s anycast IPs and
UDP/1194 will not reach your OpenVPN process. Grey cloud fixes that.

Firewall
----------
Allow UDP 1194 inbound to the OpenVPN server (host/router).