# How to Deploy Hermes AI Agent with Docker and HTTPS > Source: > Published: 2026-06-17 00:14:36+00:00 Deploy Hermes AI Agent with Docker, automatic HTTPS, and authentication. This guide works for both AI assistants (e.g., via Devopness MCP Server, Devopness API) and manual setup through the web interface. ## What is Hermes? [Hermes](https://github.com/NousResearch/hermes-agent) is an autonomous AI agent that can write code, deploy applications, browse the web, integrate with Slack and GitHub, and automate repetitive tasks. It works like having a developer on your team. Deploying AI agents typically requires complex server configuration, Docker expertise, and manual SSL certificate management. This guide shows you how to deploy Hermes using Devopness, which handles all the infrastructure automatically. ## What You'll Build By the end of this guide, you'll have Hermes AI Agent deployed and running: - Running 24/7 on your cloud infrastructure - Accessible via secure HTTPS dashboard ( `https://hermes.example.com` ) - Protected by username/password authentication for trusted/private access, with OAuth/OIDC recommended for public internet deployments - With persistent storage that survives deployments - Auto-renewing SSL certificates (every 90 days) - Ready to integrate with Slack, GitHub, and other services **This guide is for:** Anyone who wants to deploy Hermes to a cloud server, without manual configuration. Works with any AI assistant or via Devopness web UI. **Don't have a Devopness account yet?** [Create your free account](https://www.devopness.com) to get started. ## Pro Tip: Let AI Do the Work You can have an AI assistant (e.g., Claude Code, Cursor, Cline, Windsurf) execute this entire deployment for you using the [Devopness MCP Server](https://devopness.com/mcp/). **Copy this prompt to your AI assistant:** Read the Hermes deployment guide at [https://www.devopness.com/blog/deploy-hermes-ai-agent-devopness]and execute it step by step using Devopness MCP tools. Your AI assistant will handle the deployment while keeping you informed at key decision points. ## Prerequisites ### An Environment with Credentials Ready In Devopness, you work inside "Environments" (Development, Staging, or Production). You'll need an environment with: - **A Cloud Provider Credential**- So Devopness can create servers for you (AWS, Azure, Google Cloud, DigitalOcean, Hetzner, or any cloud provider) - **A GitHub Credential**- So Devopness can download Hermes' code (GitHub Personal Access Token) - **An LLM Provider Account**- So Hermes can use AI (OpenRouter, OpenAI, Anthropic, Groq, or Ollama Cloud) **Need help setting up?** Follow this guide first: [How to Create an Environment](https://www.devopness.com/docs/environments/add-environment/) ## Step 1: Create the Server Create a server with these specifications: **Name**:`hermes-server` **Cloud Provider**: AWS, Azure, GCP, DigitalOcean, Hetzner, or others** Region**: Choose the closest to your users** Instance Size**: 4GB RAM minimum, 20GB disk** Operating System**: Latest Ubuntu LTS **Why these specs:** Hermes requires 4GB RAM for browser automation and AI tasks. Ubuntu LTS provides long-term security updates. ## Step 2: Create the Application Create an application with these settings: **Name**:`hermes-agent` (lowercase, no spaces)**Source Provider**: GitHub** Repository**:`NousResearch/hermes-agent` **Branch**:`main` **Programming Language**: Docker** Root Directory**:`/` **Build Command**: ``` docker compose -p ${APPLICATION_NAME} pull && docker compose -p ${APPLICATION_NAME} up -d && docker compose -p ${APPLICATION_NAME} logs || { docker compose -p ${APPLICATION_NAME} logs; exit 1; } ``` ## Step 3: Add the Storage Path Variable Create an environment variable for persistent storage: **Key**:`APPLICATION_PATH` **Value**:`/home/devopness/hermes-agent` (replace`hermes-agent` with your app name)**Target**: OS Environment Variable** Visibility**: Visible **Why:** Defines where Hermes stores chat history, API keys, browser sessions, and uploaded files. Without this, every deployment resets to factory defaults. ## Step 4: Add Configuration Files Create three configuration files. ### File 1: `.env` Prepare the following values and replace them in the file content below: `HERMES_DASHBOARD_BASIC_AUTH_PASSWORD` - use a strong password (20+ characters) `HERMES_DASHBOARD_BASIC_AUTH_SECRET` - use a random 32+ character string (generate at[https://generate-random.org/api-token-generator]or run`openssl rand -base64 32` ) **Description:** Dashboard settings and authentication**Path:**`.env` **Content:** ``` # Hermes AI Agent Configuration # Container Name CONTAINER_NAME=${APPLICATION_NAME}-hermes # File Permissions (auto-detected during deployment) HERMES_UID=__DEVOPNESS_UID__ HERMES_GID=__DEVOPNESS_GID__ # Dashboard Settings HERMES_DASHBOARD=true HERMES_DASHBOARD_HOST=0.0.0.0 HERMES_DASHBOARD_PORT=9119 # Security - Login Protection HERMES_DASHBOARD_BASIC_AUTH_USERNAME=agent HERMES_DASHBOARD_BASIC_AUTH_PASSWORD=CHANGE_THIS_PASSWORD HERMES_DASHBOARD_BASIC_AUTH_SECRET=CHANGE_THIS_SECRET # Performance Settings HERMES_SHM_SIZE=1g HERMES_MEMORY_LIMIT=4G HERMES_MEMORY_RESERVATION=2G HERMES_CPU_LIMIT=2.0 ``` ### File 2: `.env.hermes` **Description:** LLM provider API keys and integrations**Path:**`.env.hermes` **Content:** ``` # Hermes Agent Configuration # Terminal Environment (required) TERMINAL_ENV=local # Add your integration API keys here (examples): # SLACK_BOT_TOKEN=xoxb-... # SLACK_APP_TOKEN=xapp-... # LINEAR_API_KEY=lin_api_... # OPENROUTER_API_KEY=sk-or-... # OPENAI_API_KEY=sk-... ``` **🔸 Note:** This file is the source of truth for environment variables and is copied to persistent storage on every deployment. Changes made directly in the Hermes dashboard or inside `${APPLICATION_PATH}/data/.env` will be overwritten on the next deployment. Add long-lived API keys and integration secrets to `.env.hermes` , then redeploy. ### File 3: `docker-compose.yml` **Description:** Container configuration and resources**Path:**`docker-compose.yml` **Content:** ``` services: hermes: image: nousresearch/hermes-agent:v2026.6.5 container_name: ${CONTAINER_NAME} restart: unless-stopped command: gateway run privileged: true volumes: - ${APPLICATION_PATH}/data:/opt/data - /var/run/docker.sock:/var/run/docker.sock env_file: - .env ports: - "127.0.0.1:${HERMES_DASHBOARD_PORT}:${HERMES_DASHBOARD_PORT}" shm_size: ${HERMES_SHM_SIZE:-1g} deploy: resources: limits: memory: ${HERMES_MEMORY_LIMIT:-4G} cpus: "${HERMES_CPU_LIMIT:-2.0}" reservations: memory: ${HERMES_MEMORY_RESERVATION:-2G} networks: - hermes-net networks: hermes-net: driver: bridge name: ${APPLICATION_NAME}-network ``` **🔹 Tip:** Check [Docker Hub](https://hub.docker.com/r/nousresearch/hermes-agent/tags) for newer versions. Always pin to a specific version tag (not `latest` ) for reproducible deployments. **🔸 Security note:** This configuration uses `privileged: true` and mounts `/var/run/docker.sock` . Required for Hermes to run Docker commands and browser automation, but gives the container elevated access to the host. Deploy with HTTPS and strong authentication. ## Step 5: Configure the Deployment Pipeline Update your deployment pipeline settings: **Max Parallel Actions**: Set to`1` (prevents deployment conflicts where outdated configurations could override newer ones) Add three custom pipeline steps in this order: ### Step 1: Create Hermes Storage **Position:** After "Get source from Git repository"**Name:**`Create Hermes storage` **Command:** ``` mkdir -p ${APPLICATION_PATH}/data && \ chown devopness:devopness ${APPLICATION_PATH}/data ``` ### Step 2: Update UID/GID Placeholders **Position:** After "Create Hermes storage"**Name:**`Update UID/GID placeholders` **Command:** ``` DEVOPNESS_UID=$(id -u devopness) && \ DEVOPNESS_GID=$(id -g devopness) && \ sed -i "s/__DEVOPNESS_UID__/${DEVOPNESS_UID}/g" .env && \ sed -i "s/__DEVOPNESS_GID__/${DEVOPNESS_GID}/g" .env ``` **Why:** Aligns container user permissions with host filesystem. ### Step 3: Copy Hermes Configuration **Position:** After "Activate current build"**Name:**`Copy Hermes configuration to data folder` **Command:** ``` cp .env.hermes ${APPLICATION_PATH}/data/.env && \ chmod 600 ${APPLICATION_PATH}/data/.env && \ chown devopness:devopness ${APPLICATION_PATH}/data/.env ``` **Why:** Copies API keys to persistent storage so they survive deployments. ## Step 6: Deploy Hermes Deploy the application: **Pipeline:** Deploy pipeline (already configured)**Source:** Branch`main` **Servers:** Select the server created in Step 1 Deployment takes 5-8 minutes on first run (downloads Docker images, builds the container). Devopness redirects you to the Action page where you can watch the deployment live. Wait for the action to complete. ## Step 7: Test Your Deployment (Optional) **🔹 Tip:** If you have a domain ready, skip to Step 8 for HTTPS setup. Find and edit the auto-generated virtual host for your server (hostname matches your server's public IP address): **Application:** Select your Hermes application**Application Listen Address:**`http://localhost:9119` Deploy and wait for the action to complete. Then test access at `http://YOUR_SERVER_IP` . You should see the Hermes login page (username: `agent` , password: from your `.env` file). ## Authentication Security Notice This guide uses HTTP Basic Authentication (username/password), suitable for trusted networks or VPN access. **Best practices:** - Use a strong password (20+ random characters) - Deploy with HTTPS enabled - Consider IP whitelisting for additional security For public internet deployments, use OAuth (e.g., Nous Portal) or self-hosted OIDC (e.g., Keycloak, Auth0, Okta). For further instructions, see [Hermes documentation](https://hermes-agent.nousresearch.com/docs/user-guide/features/web-dashboard#authentication-gated-mode). ## Step 8: Setup HTTPS with Custom Domain (Optional) Point your domain to your server's IP address (A record). Create a name-based virtual host: **Domain:**`hermes.example.com` **Application:** Select your application**Application Listen Address:**`http://localhost:9119` Create an SSL certificate: **Virtual Host:** Select the virtual host created above**Certificate Authority:** Let's Encrypt Test access to `https://hermes.example.com` - you should see the Hermes login page with a valid SSL certificate. ## Step 9: Configure and Test Hermes Add your LLM provider API key to `.env.hermes` : ``` OPENROUTER_API_KEY=sk-or-v1-... # or OPENAI_API_KEY, ANTHROPIC_API_KEY, etc. ``` Redeploy the application. In the Hermes dashboard: - Go to **Models**→ select your provider and model - Go to **Chat**→ send a test message Done! Your Hermes AI Agent is deployed and ready to use. ## Next Steps Your AI assistant is now running and ready to automate tasks.