What you need before you start
A Linux VPS with at least 2 vCPU and 4 GB RAM. Hetzner's CX22 (~€7.49/month) or CX32 (€17.99/month, recommended for browser automation) are solid options. DigitalOcean's 4GB Droplet is $24/month. Hermes also runs on Modal or Daytona serverless infrastructure at near-zero idle cost — useful for bursty workloads, but cold-start latency makes it unsuitable for sub-minute cron tasks. Do not use a 1 GB RAM VPS — browser automation and subagent delegation crash frequently on it.
Docker and Docker Compose installed on the server. A domain name with DNS pointed at the server is needed for the web interface (HTTPS required — use a subdomain like hermes.yourdomain.com). Free SSL is handled by Caddy, included in the standard setup. An API key from at least one AI provider — Anthropic, OpenAI, or an OpenRouter account for multi-model access. Budget 4-8 hours for first-time setup.
The actual setup process
Provision the server with a fresh Ubuntu 24.04 image. Add a non-root user with sudo privileges — the Hermes security model assumes it runs under a restricted user account, not root. SSH in as that user and install Docker following the official Docker documentation for Ubuntu.
The installer handles the heavy lifting: run the one-liner from the documentation and it installs uv, Python 3.11, Node.js v22, ripgrep, ffmpeg, and the virtual environment without requiring sudo. Then run hermes setup for the interactive wizard — it walks through model provider, terminal backend (local, Docker, SSH, Singularity, or Modal), and gateway platform connections.
Copy .env.example to .env and fill in the essentials: AI provider key, optional Firecrawl key for browser tasks, Telegram/Discord/Slack tokens for the gateway. For the terminal backend, run hermes config set terminal.backend docker to isolate shell commands in Docker rather than on the host. Then docker compose up -d. If everything is configured correctly, Caddy will provision an SSL certificate and the web interface will be accessible at your domain within a minute or two. More often, something in the networking configuration needs adjusting — DNS not propagated yet, a firewall rule blocking port 443, or a conflict between Caddy and another process on port 80.
The parts that break
Browser automation is the main friction point. The headless Chromium browser requires specific system libraries not always present in minimal Docker images. Errors about missing libraries when the agent tries to open a browser mean you need to add those libraries to the container image — which requires rebuilding the Docker image rather than just pulling the published one. The project README covers this, but it is not a one-command fix.
Memory persistence breaks in subtle ways. The storage volume for memory is mounted into the container, but if you run docker compose down and then docker compose up without being careful about volume names, Docker can create a fresh volume and the agent starts empty. Always use named volumes and check them explicitly before restarting. This catches people the first time — and sometimes the second.
Updates are the ongoing headache. Pulling a new version and rebuilding sometimes changes the schema of memory storage or environment variable names. Hermes v0.5.0 ships with a migration tool that imports memory layers, API settings, and skills from existing environments, which helps — but running hermes update and discovering a config key changed still requires manual fixing. Without backups, you can lose accumulated agent memory during an upgrade.
What it costs
Server: Hetzner CX22 (~€7.49/month) for light-to-moderate use; CX32 (€17.99/month) for browser automation and parallel subagents. DigitalOcean equivalent: $24/month. Domain: $10-15/year. API costs: Claude Haiku 4.5 at $1/$5 per MTok is cheap for monitoring and summarization, but browser-heavy tasks with 10+ screenshots per run add 200-400k tokens/month in vision inputs alone.
Time cost: initial setup takes 4-8 hours. Estimate 1-2 hours per month for maintenance — handling updates, debugging intermittent failures, reviewing logs. Any server provider outage or container crash that does not auto-restart adds debugging time on top. At $50/hour, the math for self-hosting versus managed hosting is not as clean as the raw server cost makes it look.
When self-hosting makes sense
Full control over infrastructure — data privacy requirements, OS-level access for custom configuration, or deep integration with other self-hosted services. The MIT license means you can modify the code, add custom tools, and operate the agent in ways a managed service cannot accommodate.
An existing homelab or VPS where adding Hermes is just another service in a Docker Compose setup. The incremental cost is low and setup complexity is manageable if you already maintain similar infrastructure. Or you genuinely enjoy the infrastructure work and want to understand the system at every layer.
When managed hosting makes more sense
If your goal is a running agent rather than learning to configure one, managed hosting is faster by significant margin. The gap between 5 minutes and 6 hours matters when you have other work to do.
If you have already tried self-hosting and spent more than one evening debugging Docker networking or update problems, the recurring cost of managed hosting is likely less than the ongoing time cost of self-management. The agents do not care where they run — Hermes capabilities are identical whether the container is on your Hetzner VPS or on Hermes OS infrastructure. What differs is who handles the operational overhead.