Skip to content

Features

Key Features

CompassVPN is designed to provide secure, reliable, and easy-to-deploy VPN services with advanced monitoring capabilities. Here’s a breakdown of the core features:

Easy Deployment

Deploy your VPN server from a single configuration file with one command.

  • Single-Command Setup: Clone the repository, edit one env_file, and run ./agent.sh start.
  • Ansible-Powered: An idempotent Ansible playbook provisions the host end-to-end and is safe to re-run at any time.
  • Automatic SSL certificate generation: Using ZeroSSL or Let’s Encrypt.
  • Integrated Cloudflare DNS management: Automatically handles DNS records.
  • Flexible Connection Support: Works with direct server connections or configurations behind the Cloudflare CDN.

Enhanced Security

Protect your server and network traffic with multiple layers of security features.

  • Automatic Blocking: Filters Torrents, Iranian websites, Ads, Malware, and Phishing sites using curated blocklists .
  • Configuration Self-Testing: Verifies configuration validity using Xray-Knife.
  • Hardened Containers: Every service drops its Linux capabilities to the minimum required and runs with no-new-privileges.
  • Automated UFW Firewall Configuration: Secures the server by managing firewall rules.
  • NGINX Integration: Enhances security and resource efficiency by acting as a reverse proxy.

Complete Monitoring

Gain insights into performance and usage through comprehensive metrics collection.

  • Centralized Dashboard: Ships metrics to Grafana Cloud or a self-hosted Prometheus via the metric-forwarder service (powered by Grafana Alloy).
  • Real-time Connection Statistics: Provided by xray-exporter, with optional per-user traffic metrics and GeoIP enrichment.
  • Host System Resource Monitoring: Tracks CPU, memory, traffic, and more via node-exporter.
  • User Metrics: Tracks approximate unique active users and monitors blocked junk traffic requests for bandwidth optimization insights.

Scalability

Easily scale your VPN infrastructure horizontally.

  • Effortless Replication: Replicate agent instances using Docker for rapid capacity expansion.
  • High Availability: Stateless agent design simplifies horizontal scaling behind standard load balancers.
  • Centralized Monitoring: The Manager component seamlessly handles metrics from numerous agents.

Network Optimization

Optimize bandwidth usage and connection routing for better performance.

  • Efficient Connection Handling: NGINX web server improves efficiency.
  • Bandwidth Savings Insights: Monitor blocked traffic requests to understand savings.
  • Flexible Custom DNS Options: Choose Default, Cloudflare Security, ControlD, or provide custom DoU/DoT/DoH/DoQ servers.
  • Outbound Connection Choice: Select between Direct or WARP outbound connections.

Advanced Connectivity

Utilize modern protocols and flexible connection options.

  • WARP & Direct Outbound: Choose the best outbound connection method for your needs.
  • Per-Inbound WireGuard/WARP: When WARP outbound is enabled, each active inbound gets its own dedicated WireGuard/WARP tunnel.
  • Selectable Inbounds: Enable any mix of VLESS and VMess inbounds (TCP, HTTPUpgrade, XHTTP, QUIC) for both direct connections and Cloudflare CDN routes via the XRAY_INBOUNDS setting.
  • Per-Inbound Replicas: Scale any HTTP-path inbound into multiple instances using the name:count syntax (e.g. vless-hu-tls-cdn:3).
  • Automatic Configuration Rotation: Optionally rotates configurations on a defined interval for enhanced security.

Intelligent Management

Benefit from automated maintenance and robust service management.

  • Optional Automatic Updates: Enable AUTO_UPDATE to check for and apply updates hourly (off by default).
  • Process Watchdog: Monit supervises the Xray process and WARP tunnels inside the Xray container, restarting them if they fail (with restart caps to avoid loops).
  • Configuration Self-Testing: Ensures generated configuration links are valid and working.
  • Automated Configuration Rotation: Enhances security and freshness by periodically generating new configurations.

Deployment Features

  • Cloudflare Integration: Automatic Cloudflare DNS management when CDN configs are selected and API credentials provided
  • Flexible Configuration: Select direct and/or Cloudflare CDN configurations
  • Automatic Certificate Management: TLS certificates via ZeroSSL or Let’s Encrypt
  • Outbound Options: Choose between Direct or WARP outbound traffic
  • Configuration Variety: Create different VPN configurations to match your needs
  • Automatic Updates: Keep your Compass VPN current automatically
  • Configuration Rotation: Enhance security with automatic credential rotation

Security Features

  • Comprehensive Blocking: Automatically blocks torrents, malicious websites, ads, and malware
  • Self-Testing: Configuration self-testing using Xray-Knife
  • Enhanced Web Server: NGINX web server for better resource efficiency and security
  • Custom DNS: Block unwanted traffic at egress, reducing bandwidth consumption
  • Monitoring Integration: Free Grafana Cloud or self-hosted Prometheus integration