What you need before you start
A Linux VPS with at least 2 vCPU and 4 GB RAM. Hetzner's CX22 (~€7.49/month) or CX32 (€17.99/month, recommended for browser automation) are solid options. DigitalOcean's 4GB Droplet is $24/month. Alternatively, Hermes runs on Modal or Daytona serverless infrastructure at near-zero idle cost — useful for bursty workloads, but cold-start latency makes it unsuitable for sub-minute cron tasks. Do not use the cheapest 1 GB RAM VPS tier — browser automation and subagent delegation crash frequently on it.
Docker and Docker Compose installed on the server. You also need a domain name with DNS pointed at the server, because the web interface needs HTTPS to work properly. You can use a subdomain (like `hermes.yourdomain.com`) rather than a root domain. Free SSL is handled by Caddy, one of the components in the standard setup.
An API key from at least one AI provider — Anthropic, OpenAI, or an OpenRouter account if you want access to multiple models. And about 4-8 hours set aside. This is not a 30-minute project, especially if you have not done this type of server configuration before.
The actual setup process
Start by provisioning the server with a fresh Ubuntu 24.04 image. Add a non-root user with sudo privileges — you do not want to run the agent as root, and the Hermes security model assumes it is running under a restricted user account. SSH in as that user and install Docker following the official Docker documentation for Ubuntu.
The installer handles the heavy lifting: run the one-liner from the documentation and it installs uv, Python 3.11, Node.js v22, ripgrep, ffmpeg, and the virtual environment without requiring sudo. Then run `hermes setup` for the interactive wizard — it walks you through model provider, terminal backend (local, Docker, SSH, Singularity, or Modal), and gateway platform connections.
Copy `.env.example` to `.env` and fill in the essentials: your AI provider key (Anthropic, OpenAI, or OpenRouter), optional Firecrawl key for browser tasks, Telegram/Discord/Slack tokens for the gateway, and FAL.ai key if you want image generation. The `.env.example` is well-commented — every variable explains itself. For the terminal backend, set it via `hermes config set terminal.backend docker` to run commands in Docker isolation rather than on the host.
Run `docker compose up -d`. If everything is configured correctly, Caddy will provision an SSL certificate automatically and the web interface will be accessible at your domain within a minute or two. More often, something in the networking configuration needs adjusting — the most common issues are DNS not propagated yet, a firewall rule blocking port 443, or a conflict between Caddy and another process on port 80.
The parts that break
Browser automation is the main friction point. The headless Chromium browser the agent uses requires specific system libraries that are not always present in minimal Docker images. If you get errors about missing libraries when the agent tries to open a browser, you need to add those libraries to the container image. The project README covers this, but it requires rebuilding the Docker image rather than just pulling the published one.
Memory persistence breaks in subtle ways. The storage volume for the agent's memory is mounted into the container, but if you run `docker compose down` and then `docker compose up` without being careful about volume names, Docker can create a fresh volume and the agent starts with empty memory. This catches people the first time. Always use named volumes and check them explicitly before restarting.
Updates are the ongoing headache. Pulling a new version of the Hermes Agent repository and rebuilding sometimes changes the schema of the memory storage or environment variable names. Hermes v0.5.0 ships with a migration tool that imports memory layers, API settings, and skills from existing environments (including OpenClaw setups), which helps — but running `hermes update` and discovering a config key changed still requires manual fixing. If you do not keep backups, you can lose accumulated agent memory during an upgrade.
What it costs
The server itself: Hetzner CX22 (~€7.49/month, 2 vCPU 4 GB RAM) covers light-to-moderate use; CX32 (€17.99/month, 4 vCPU 8 GB RAM) handles browser automation and parallel subagents comfortably. DigitalOcean equivalent: 4 GB Droplet at $24/month. A domain name costs $10-15/year. Your AI provider charges per token — Claude Haiku 4.5 at $1/$5 per MTok is cheap for monitoring and summarization, but browser-heavy tasks generating 10+ screenshots per run add up to 200-400k tokens/month just for the vision inputs.
The time cost: initial setup takes 4-8 hours. Estimate 1-2 hours per month for maintenance — handling updates, debugging intermittent failures, and reviewing logs. If your server provider has an outage or the container crashes and does not auto-restart correctly, add debugging time on top of that.
The opportunity cost: every hour spent on server maintenance is an hour not spent on the work the agent is supposed to be helping you with. If your time is worth more than minimum wage, the math for self-hosting versus paying $19/month for managed hosting is not as clear as the raw server cost makes it look.
When self-hosting makes sense
If you want full control over the infrastructure — to run the agent on your own hardware for data privacy reasons, to access the container at the OS level for custom configuration, or to integrate deeply with other self-hosted services — self-hosting is the right call. The MIT license means you can modify the code, add custom tools, and operate the agent in ways that a managed service cannot accommodate.
If you are already running a homelab or a VPS for other purposes and adding Hermes to it is just another service in your existing Docker Compose setup, the incremental cost is low and the setup complexity is manageable.
If you genuinely enjoy the infrastructure work and want to understand how the system works at every layer, self-hosting is educational in a way that managed hosting is not.
When managed hosting makes more sense
If your goal is to have a running agent, not to learn how to configure one, managed hosting is faster by a significant margin. The difference between 5 minutes and 6 hours is not a small thing when you have other work to do.
If you have already tried self-hosting and spent more than one evening debugging Docker networking or update problems, the recurring cost of managed hosting is likely much less than the ongoing time cost of self-management.
The agents do not care where they run. The Hermes capabilities are identical whether the container is on your Hetzner VPS or on Hermes OS infrastructure. What differs is who handles the operational overhead.