{"slug": "how-to-deploy-hermes-ai-agent-with-docker-and-https", "title": "How to Deploy Hermes AI Agent with Docker and HTTPS", "summary": "Devopness released a guide for deploying the Hermes AI agent using Docker with automatic HTTPS and authentication, enabling users to run the autonomous coding agent on cloud infrastructure without manual SSL management. The deployment supports integration with Slack, GitHub, and LLM providers, and can be executed via AI assistants using the Devopness MCP Server.", "body_md": "Deploy Hermes AI Agent with Docker, automatic HTTPS, and authentication. This guide works for both AI assistants (e.g., via Devopness MCP Server, Devopness API) and manual setup through the web interface.\n\n## What is Hermes?\n\n[Hermes](https://github.com/NousResearch/hermes-agent) is an autonomous AI agent that can write code, deploy applications, browse the web, integrate with Slack and GitHub, and automate repetitive tasks. It works like having a developer on your team.\n\nDeploying AI agents typically requires complex server configuration, Docker expertise, and manual SSL certificate management. This guide shows you how to deploy Hermes using Devopness, which handles all the infrastructure automatically.\n\n## What You'll Build\n\nBy the end of this guide, you'll have Hermes AI Agent deployed and running:\n\n- Running 24/7 on your cloud infrastructure\n- Accessible via secure HTTPS dashboard (\n`https://hermes.example.com`\n\n) - Protected by username/password authentication for trusted/private access, with OAuth/OIDC recommended for public internet deployments\n- With persistent storage that survives deployments\n- Auto-renewing SSL certificates (every 90 days)\n- Ready to integrate with Slack, GitHub, and other services\n\n**This guide is for:** Anyone who wants to deploy Hermes to a cloud server, without manual configuration. Works with any AI assistant or via Devopness web UI.\n\n**Don't have a Devopness account yet?** [Create your free account](https://www.devopness.com) to get started.\n\n## Pro Tip: Let AI Do the Work\n\nYou can have an AI assistant (e.g., Claude Code, Cursor, Cline, Windsurf) execute this entire deployment for you using the [Devopness MCP Server](https://devopness.com/mcp/).\n\n**Copy this prompt to your AI assistant:**\n\nRead the Hermes deployment guide at\n\n[https://www.devopness.com/blog/deploy-hermes-ai-agent-devopness]and execute it step by step using Devopness MCP tools.\n\nYour AI assistant will handle the deployment while keeping you informed at key decision points.\n\n## Prerequisites\n\n### An Environment with Credentials Ready\n\nIn Devopness, you work inside \"Environments\" (Development, Staging, or Production). You'll need an environment with:\n\n-\n**A Cloud Provider Credential**- So Devopness can create servers for you (AWS, Azure, Google Cloud, DigitalOcean, Hetzner, or any cloud provider) -\n**A GitHub Credential**- So Devopness can download Hermes' code (GitHub Personal Access Token) -\n**An LLM Provider Account**- So Hermes can use AI (OpenRouter, OpenAI, Anthropic, Groq, or Ollama Cloud)\n\n**Need help setting up?** Follow this guide first: [How to Create an Environment](https://www.devopness.com/docs/environments/add-environment/)\n\n## Step 1: Create the Server\n\nCreate a server with these specifications:\n\n**Name**:`hermes-server`\n\n**Cloud Provider**: AWS, Azure, GCP, DigitalOcean, Hetzner, or others** Region**: Choose the closest to your users** Instance Size**: 4GB RAM minimum, 20GB disk** Operating System**: Latest Ubuntu LTS\n\n**Why these specs:** Hermes requires 4GB RAM for browser automation and AI tasks. Ubuntu LTS provides long-term security updates.\n\n## Step 2: Create the Application\n\nCreate an application with these settings:\n\n**Name**:`hermes-agent`\n\n(lowercase, no spaces)**Source Provider**: GitHub** Repository**:`NousResearch/hermes-agent`\n\n**Branch**:`main`\n\n**Programming Language**: Docker** Root Directory**:`/`\n\n**Build Command**:\n\n```\ndocker compose -p ${APPLICATION_NAME} pull && docker compose -p ${APPLICATION_NAME} up -d && docker compose -p ${APPLICATION_NAME} logs || { docker compose -p ${APPLICATION_NAME} logs; exit 1; }\n```\n\n## Step 3: Add the Storage Path Variable\n\nCreate an environment variable for persistent storage:\n\n**Key**:`APPLICATION_PATH`\n\n**Value**:`/home/devopness/hermes-agent`\n\n(replace`hermes-agent`\n\nwith your app name)**Target**: OS Environment Variable** Visibility**: Visible\n\n**Why:** Defines where Hermes stores chat history, API keys, browser sessions, and uploaded files. Without this, every deployment resets to factory defaults.\n\n## Step 4: Add Configuration Files\n\nCreate three configuration files.\n\n### File 1: `.env`\n\nPrepare the following values and replace them in the file content below:\n\n`HERMES_DASHBOARD_BASIC_AUTH_PASSWORD`\n\n- use a strong password (20+ characters)\n\n`HERMES_DASHBOARD_BASIC_AUTH_SECRET`\n\n- use a random 32+ character string (generate at[https://generate-random.org/api-token-generator]or run`openssl rand -base64 32`\n\n)\n\n**Description:** Dashboard settings and authentication**Path:**`.env`\n\n**Content:**\n\n```\n# Hermes AI Agent Configuration\n\n# Container Name\nCONTAINER_NAME=${APPLICATION_NAME}-hermes\n\n# File Permissions (auto-detected during deployment)\nHERMES_UID=__DEVOPNESS_UID__\nHERMES_GID=__DEVOPNESS_GID__\n\n# Dashboard Settings\nHERMES_DASHBOARD=true\nHERMES_DASHBOARD_HOST=0.0.0.0\nHERMES_DASHBOARD_PORT=9119\n\n# Security - Login Protection\nHERMES_DASHBOARD_BASIC_AUTH_USERNAME=agent\nHERMES_DASHBOARD_BASIC_AUTH_PASSWORD=CHANGE_THIS_PASSWORD\nHERMES_DASHBOARD_BASIC_AUTH_SECRET=CHANGE_THIS_SECRET\n\n# Performance Settings\nHERMES_SHM_SIZE=1g\nHERMES_MEMORY_LIMIT=4G\nHERMES_MEMORY_RESERVATION=2G\nHERMES_CPU_LIMIT=2.0\n```\n\n### File 2: `.env.hermes`\n\n**Description:** LLM provider API keys and integrations**Path:**`.env.hermes`\n\n**Content:**\n\n```\n# Hermes Agent Configuration\n# Terminal Environment (required)\nTERMINAL_ENV=local\n\n# Add your integration API keys here (examples):\n# SLACK_BOT_TOKEN=xoxb-...\n# SLACK_APP_TOKEN=xapp-...\n# LINEAR_API_KEY=lin_api_...\n# OPENROUTER_API_KEY=sk-or-...\n# OPENAI_API_KEY=sk-...\n```\n\n**🔸 Note:** This file is the source of truth for environment variables and is copied to persistent storage on every deployment. Changes made directly in the Hermes dashboard or inside `${APPLICATION_PATH}/data/.env`\n\nwill be overwritten on the next deployment. Add long-lived API keys and integration secrets to `.env.hermes`\n\n, then redeploy.\n\n### File 3: `docker-compose.yml`\n\n**Description:** Container configuration and resources**Path:**`docker-compose.yml`\n\n**Content:**\n\n```\nservices:\n  hermes:\n    image: nousresearch/hermes-agent:v2026.6.5\n\n    container_name: ${CONTAINER_NAME}\n    restart: unless-stopped\n    command: gateway run\n    privileged: true\n\n    volumes:\n      - ${APPLICATION_PATH}/data:/opt/data\n      - /var/run/docker.sock:/var/run/docker.sock\n\n    env_file:\n      - .env\n\n    ports:\n      - \"127.0.0.1:${HERMES_DASHBOARD_PORT}:${HERMES_DASHBOARD_PORT}\"\n\n    shm_size: ${HERMES_SHM_SIZE:-1g}\n\n    deploy:\n      resources:\n        limits:\n          memory: ${HERMES_MEMORY_LIMIT:-4G}\n          cpus: \"${HERMES_CPU_LIMIT:-2.0}\"\n        reservations:\n          memory: ${HERMES_MEMORY_RESERVATION:-2G}\n\n    networks:\n      - hermes-net\n\nnetworks:\n  hermes-net:\n    driver: bridge\n    name: ${APPLICATION_NAME}-network\n```\n\n**🔹 Tip:** Check [Docker Hub](https://hub.docker.com/r/nousresearch/hermes-agent/tags) for newer versions. Always pin to a specific version tag (not `latest`\n\n) for reproducible deployments.\n\n**🔸 Security note:** This configuration uses `privileged: true`\n\nand mounts `/var/run/docker.sock`\n\n. Required for Hermes to run Docker commands and browser automation, but gives the container elevated access to the host. Deploy with HTTPS and strong authentication.\n\n## Step 5: Configure the Deployment Pipeline\n\nUpdate your deployment pipeline settings:\n\n**Max Parallel Actions**: Set to`1`\n\n(prevents deployment conflicts where outdated configurations could override newer ones)\n\nAdd three custom pipeline steps in this order:\n\n### Step 1: Create Hermes Storage\n\n**Position:** After \"Get source from Git repository\"**Name:**`Create Hermes storage`\n\n**Command:**\n\n```\nmkdir -p ${APPLICATION_PATH}/data && \\\nchown devopness:devopness ${APPLICATION_PATH}/data\n```\n\n### Step 2: Update UID/GID Placeholders\n\n**Position:** After \"Create Hermes storage\"**Name:**`Update UID/GID placeholders`\n\n**Command:**\n\n```\nDEVOPNESS_UID=$(id -u devopness) && \\\nDEVOPNESS_GID=$(id -g devopness) && \\\nsed -i \"s/__DEVOPNESS_UID__/${DEVOPNESS_UID}/g\" .env && \\\nsed -i \"s/__DEVOPNESS_GID__/${DEVOPNESS_GID}/g\" .env\n```\n\n**Why:** Aligns container user permissions with host filesystem.\n\n### Step 3: Copy Hermes Configuration\n\n**Position:** After \"Activate current build\"**Name:**`Copy Hermes configuration to data folder`\n\n**Command:**\n\n```\ncp .env.hermes ${APPLICATION_PATH}/data/.env && \\\nchmod 600 ${APPLICATION_PATH}/data/.env && \\\nchown devopness:devopness ${APPLICATION_PATH}/data/.env\n```\n\n**Why:** Copies API keys to persistent storage so they survive deployments.\n\n## Step 6: Deploy Hermes\n\nDeploy the application:\n\n**Pipeline:** Deploy pipeline (already configured)**Source:** Branch`main`\n\n**Servers:** Select the server created in Step 1\n\nDeployment takes 5-8 minutes on first run (downloads Docker images, builds the container).\n\nDevopness redirects you to the Action page where you can watch the deployment live. Wait for the action to complete.\n\n## Step 7: Test Your Deployment (Optional)\n\n**🔹 Tip:** If you have a domain ready, skip to Step 8 for HTTPS setup.\n\nFind and edit the auto-generated virtual host for your server (hostname matches your server's public IP address):\n\n**Application:** Select your Hermes application**Application Listen Address:**`http://localhost:9119`\n\nDeploy and wait for the action to complete. Then test access at `http://YOUR_SERVER_IP`\n\n. You should see the Hermes login page (username: `agent`\n\n, password: from your `.env`\n\nfile).\n\n## Authentication Security Notice\n\nThis guide uses HTTP Basic Authentication (username/password), suitable for trusted networks or VPN access.\n\n**Best practices:**\n\n- Use a strong password (20+ random characters)\n- Deploy with HTTPS enabled\n- Consider IP whitelisting for additional security\n\nFor public internet deployments, use OAuth (e.g., Nous Portal) or self-hosted OIDC (e.g., Keycloak, Auth0, Okta). For further instructions, see [Hermes documentation](https://hermes-agent.nousresearch.com/docs/user-guide/features/web-dashboard#authentication-gated-mode).\n\n## Step 8: Setup HTTPS with Custom Domain (Optional)\n\nPoint your domain to your server's IP address (A record).\n\nCreate a name-based virtual host:\n\n**Domain:**`hermes.example.com`\n\n**Application:** Select your application**Application Listen Address:**`http://localhost:9119`\n\nCreate an SSL certificate:\n\n**Virtual Host:** Select the virtual host created above**Certificate Authority:** Let's Encrypt\n\nTest access to `https://hermes.example.com`\n\n- you should see the Hermes login page with a valid SSL certificate.\n\n## Step 9: Configure and Test Hermes\n\nAdd your LLM provider API key to `.env.hermes`\n\n:\n\n```\nOPENROUTER_API_KEY=sk-or-v1-...\n# or OPENAI_API_KEY, ANTHROPIC_API_KEY, etc.\n```\n\nRedeploy the application.\n\nIn the Hermes dashboard:\n\n- Go to\n**Models**→ select your provider and model - Go to\n**Chat**→ send a test message\n\nDone! Your Hermes AI Agent is deployed and ready to use.\n\n## Next Steps\n\nYour AI assistant is now running and ready to automate tasks.", "url": "https://wpnews.pro/news/how-to-deploy-hermes-ai-agent-with-docker-and-https", "canonical_source": "https://devopness.com/blog/deploy-hermes-ai-agent-devopness/", "published_at": "2026-06-17 00:14:36+00:00", "updated_at": "2026-06-17 00:52:40.723138+00:00", "lang": "en", "topics": ["ai-agents", "developer-tools", "ai-infrastructure"], "entities": ["Devopness", "Hermes", "NousResearch", "GitHub", "Slack", "Docker", "OpenRouter", "OpenAI"], "alternates": {"html": "https://wpnews.pro/news/how-to-deploy-hermes-ai-agent-with-docker-and-https", "markdown": "https://wpnews.pro/news/how-to-deploy-hermes-ai-agent-with-docker-and-https.md", "text": "https://wpnews.pro/news/how-to-deploy-hermes-ai-agent-with-docker-and-https.txt", "jsonld": "https://wpnews.pro/news/how-to-deploy-hermes-ai-agent-with-docker-and-https.jsonld"}}