How to Deploy Hermes AI Agent with Docker and HTTPS

Devopness released a guide for deploying the Hermes AI agent using Docker with automatic HTTPS and authentication, enabling users to run the autonomous coding agent on cloud infrastructure without manual SSL management. The deployment supports integration with Slack, GitHub, and LLM providers, and can be executed via AI assistants using the Devopness MCP Server.

Deploy Hermes AI Agent with Docker, automatic HTTPS, and authentication. This guide works for both AI assistants e.g., via Devopness MCP Server, Devopness API and manual setup through the web interface. What is Hermes? Hermes https://github.com/NousResearch/hermes-agent is an autonomous AI agent that can write code, deploy applications, browse the web, integrate with Slack and GitHub, and automate repetitive tasks. It works like having a developer on your team. Deploying AI agents typically requires complex server configuration, Docker expertise, and manual SSL certificate management. This guide shows you how to deploy Hermes using Devopness, which handles all the infrastructure automatically. What You'll Build By the end of this guide, you'll have Hermes AI Agent deployed and running: - Running 24/7 on your cloud infrastructure - Accessible via secure HTTPS dashboard https://hermes.example.com - Protected by username/password authentication for trusted/private access, with OAuth/OIDC recommended for public internet deployments - With persistent storage that survives deployments - Auto-renewing SSL certificates every 90 days - Ready to integrate with Slack, GitHub, and other services This guide is for: Anyone who wants to deploy Hermes to a cloud server, without manual configuration. Works with any AI assistant or via Devopness web UI. Don't have a Devopness account yet? Create your free account https://www.devopness.com to get started. Pro Tip: Let AI Do the Work You can have an AI assistant e.g., Claude Code, Cursor, Cline, Windsurf execute this entire deployment for you using the Devopness MCP Server https://devopness.com/mcp/ . Copy this prompt to your AI assistant: Read the Hermes deployment guide at https://www.devopness.com/blog/deploy-hermes-ai-agent-devopness and execute it step by step using Devopness MCP tools. Your AI assistant will handle the deployment while keeping you informed at key decision points. Prerequisites An Environment with Credentials Ready In Devopness, you work inside "Environments" Development, Staging, or Production . You'll need an environment with: - A Cloud Provider Credential - So Devopness can create servers for you AWS, Azure, Google Cloud, DigitalOcean, Hetzner, or any cloud provider - A GitHub Credential - So Devopness can download Hermes' code GitHub Personal Access Token - An LLM Provider Account - So Hermes can use AI OpenRouter, OpenAI, Anthropic, Groq, or Ollama Cloud Need help setting up? Follow this guide first: How to Create an Environment https://www.devopness.com/docs/environments/add-environment/ Step 1: Create the Server Create a server with these specifications: Name : hermes-server Cloud Provider : AWS, Azure, GCP, DigitalOcean, Hetzner, or others Region : Choose the closest to your users Instance Size : 4GB RAM minimum, 20GB disk Operating System : Latest Ubuntu LTS Why these specs: Hermes requires 4GB RAM for browser automation and AI tasks. Ubuntu LTS provides long-term security updates. Step 2: Create the Application Create an application with these settings: Name : hermes-agent lowercase, no spaces Source Provider : GitHub Repository : NousResearch/hermes-agent Branch : main Programming Language : Docker Root Directory : / Build Command : docker compose -p ${APPLICATION NAME} pull && docker compose -p ${APPLICATION NAME} up -d && docker compose -p ${APPLICATION NAME} logs || { docker compose -p ${APPLICATION NAME} logs; exit 1; } Step 3: Add the Storage Path Variable Create an environment variable for persistent storage: Key : APPLICATION PATH Value : /home/devopness/hermes-agent replace hermes-agent with your app name Target : OS Environment Variable Visibility : Visible Why: Defines where Hermes stores chat history, API keys, browser sessions, and uploaded files. Without this, every deployment resets to factory defaults. Step 4: Add Configuration Files Create three configuration files. File 1: .env Prepare the following values and replace them in the file content below: HERMES DASHBOARD BASIC AUTH PASSWORD - use a strong password 20+ characters HERMES DASHBOARD BASIC AUTH SECRET - use a random 32+ character string generate at https://generate-random.org/api-token-generator or run openssl rand -base64 32 Description: Dashboard settings and authentication Path: .env Content: Hermes AI Agent Configuration Container Name CONTAINER NAME=${APPLICATION NAME}-hermes File Permissions auto-detected during deployment HERMES UID= DEVOPNESS UID HERMES GID= DEVOPNESS GID Dashboard Settings HERMES DASHBOARD=true HERMES DASHBOARD HOST=0.0.0.0 HERMES DASHBOARD PORT=9119 Security - Login Protection HERMES DASHBOARD BASIC AUTH USERNAME=agent HERMES DASHBOARD BASIC AUTH PASSWORD=CHANGE THIS PASSWORD HERMES DASHBOARD BASIC AUTH SECRET=CHANGE THIS SECRET Performance Settings HERMES SHM SIZE=1g HERMES MEMORY LIMIT=4G HERMES MEMORY RESERVATION=2G HERMES CPU LIMIT=2.0 File 2: .env.hermes Description: LLM provider API keys and integrations Path: .env.hermes Content: Hermes Agent Configuration Terminal Environment required TERMINAL ENV=local Add your integration API keys here examples : SLACK BOT TOKEN=xoxb-... SLACK APP TOKEN=xapp-... LINEAR API KEY=lin api ... OPENROUTER API KEY=sk-or-... OPENAI API KEY=sk-... 🔸 Note: This file is the source of truth for environment variables and is copied to persistent storage on every deployment. Changes made directly in the Hermes dashboard or inside ${APPLICATION PATH}/data/.env will be overwritten on the next deployment. Add long-lived API keys and integration secrets to .env.hermes , then redeploy. File 3: docker-compose.yml Description: Container configuration and resources Path: docker-compose.yml Content: services: hermes: image: nousresearch/hermes-agent:v2026.6.5 container name: ${CONTAINER NAME} restart: unless-stopped command: gateway run privileged: true volumes: - ${APPLICATION PATH}/data:/opt/data - /var/run/docker.sock:/var/run/docker.sock env file: - .env ports: - "127.0.0.1:${HERMES DASHBOARD PORT}:${HERMES DASHBOARD PORT}" shm size: ${HERMES SHM SIZE:-1g} deploy: resources: limits: memory: ${HERMES MEMORY LIMIT:-4G} cpus: "${HERMES CPU LIMIT:-2.0}" reservations: memory: ${HERMES MEMORY RESERVATION:-2G} networks: - hermes-net networks: hermes-net: driver: bridge name: ${APPLICATION NAME}-network 🔹 Tip: Check Docker Hub https://hub.docker.com/r/nousresearch/hermes-agent/tags for newer versions. Always pin to a specific version tag not latest for reproducible deployments. 🔸 Security note: This configuration uses privileged: true and mounts /var/run/docker.sock . Required for Hermes to run Docker commands and browser automation, but gives the container elevated access to the host. Deploy with HTTPS and strong authentication. Step 5: Configure the Deployment Pipeline Update your deployment pipeline settings: Max Parallel Actions : Set to 1 prevents deployment conflicts where outdated configurations could override newer ones Add three custom pipeline steps in this order: Step 1: Create Hermes Storage Position: After "Get source from Git repository" Name: Create Hermes storage Command: mkdir -p ${APPLICATION PATH}/data && \ chown devopness:devopness ${APPLICATION PATH}/data Step 2: Update UID/GID Placeholders Position: After "Create Hermes storage" Name: Update UID/GID placeholders Command: DEVOPNESS UID=$ id -u devopness && \ DEVOPNESS GID=$ id -g devopness && \ sed -i "s/ DEVOPNESS UID /${DEVOPNESS UID}/g" .env && \ sed -i "s/ DEVOPNESS GID /${DEVOPNESS GID}/g" .env Why: Aligns container user permissions with host filesystem. Step 3: Copy Hermes Configuration Position: After "Activate current build" Name: Copy Hermes configuration to data folder Command: cp .env.hermes ${APPLICATION PATH}/data/.env && \ chmod 600 ${APPLICATION PATH}/data/.env && \ chown devopness:devopness ${APPLICATION PATH}/data/.env Why: Copies API keys to persistent storage so they survive deployments. Step 6: Deploy Hermes Deploy the application: Pipeline: Deploy pipeline already configured Source: Branch main Servers: Select the server created in Step 1 Deployment takes 5-8 minutes on first run downloads Docker images, builds the container . Devopness redirects you to the Action page where you can watch the deployment live. Wait for the action to complete. Step 7: Test Your Deployment Optional 🔹 Tip: If you have a domain ready, skip to Step 8 for HTTPS setup. Find and edit the auto-generated virtual host for your server hostname matches your server's public IP address : Application: Select your Hermes application Application Listen Address: http://localhost:9119 Deploy and wait for the action to complete. Then test access at http://YOUR SERVER IP . You should see the Hermes login page username: agent , password: from your .env file . Authentication Security Notice This guide uses HTTP Basic Authentication username/password , suitable for trusted networks or VPN access. Best practices: - Use a strong password 20+ random characters - Deploy with HTTPS enabled - Consider IP whitelisting for additional security For public internet deployments, use OAuth e.g., Nous Portal or self-hosted OIDC e.g., Keycloak, Auth0, Okta . For further instructions, see Hermes documentation https://hermes-agent.nousresearch.com/docs/user-guide/features/web-dashboard authentication-gated-mode . Step 8: Setup HTTPS with Custom Domain Optional Point your domain to your server's IP address A record . Create a name-based virtual host: Domain: hermes.example.com Application: Select your application Application Listen Address: http://localhost:9119 Create an SSL certificate: Virtual Host: Select the virtual host created above Certificate Authority: Let's Encrypt Test access to https://hermes.example.com - you should see the Hermes login page with a valid SSL certificate. Step 9: Configure and Test Hermes Add your LLM provider API key to .env.hermes : OPENROUTER API KEY=sk-or-v1-... or OPENAI API KEY, ANTHROPIC API KEY, etc. Redeploy the application. In the Hermes dashboard: - Go to Models → select your provider and model - Go to Chat → send a test message Done Your Hermes AI Agent is deployed and ready to use. Next Steps Your AI assistant is now running and ready to automate tasks.