MeshWorld India LogoMeshWorld.
Hermes AgentChecklistSetupDevOpsProduction6 min read

Hermes Agent Setup Checklists: Personal, Team & Production

Darsh Jariwala
By Darsh Jariwala
Hermes Agent Setup Checklists: Personal, Team & Production

Three checklists. One for personal setup, one for team deployment, one for production security. Print them, bookmark them, run through them.


Checklist 1: Personal Setup (15 Minutes)

Getting Hermes running on your own machine for the first time.

Prerequisites

  • Machine has 4GB+ RAM (8GB recommended)
  • 2GB+ free disk space
  • Running Linux, macOS, or WSL2
  • Terminal open and ready

Installation

  • Run install script: curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash
  • Verify install: hermes --version returns a version number
  • If “command not found”: run source ~/.bashrc or restart terminal

Initial Setup

  • Run hermes setup and complete wizard
  • Choose LLM provider (Ollama for free local, or paste an API key)
  • If using Ollama: confirm ollama serve is running in another terminal
  • Run hermes status — all checks show ✓

First Test

  • Run hermes to enter interactive CLI
  • Ask it something: What is Hermes Agent?
  • Got a response? ✅ You’re done

Optional: Connect a Platform

  • Choose one: Discord, Slack, or Telegram
  • Get bot token (see Platform Guide)
  • Run hermes setup again, add platform
  • Send a message to the bot — it replies ✅
Stuck?

Run hermes status first. It tells you exactly what’s broken. Then check the Troubleshooting Guide.


Checklist 2: Team Deployment (1 Hour)

Setting up Hermes for a team of 2–50 people with Discord or Slack.

Infrastructure

  • Server/VPS provisioned (4+ vCPU, 16GB RAM recommended)
  • SSH access confirmed
  • Firewall rules set (only allow required ports)
  • Domain/IP decided for Hermes server

Installation on Server

  • Connect via SSH
  • Run Hermes install script
  • Verify: hermes --version
  • Run hermes setup wizard on server

LLM Backend

  • Decided: Ollama (free) or cloud API (paid)?
  • If Ollama: installed and ollama serve running
  • If Ollama: model downloaded (ollama pull mistral)
  • If cloud API: API key set in environment variable
  • Test LLM: hermes test-llm passes

Platform Setup

  • Chosen primary platform: Discord / Slack / Telegram
  • Bot created and token obtained
  • Token stored in .env file (not hardcoded in config)
  • File permissions set: chmod 600 ~/.hermes/.env
  • Bot connected: hermes setup → platform config
  • Bot visible in platform (Discord server / Slack workspace / Telegram)

Permissions

  • Discord: Bot has “Send Messages” + “Read Message History” in channels
  • Slack: Bot scopes set correctly in Slack App settings
  • Telegram: Bot started with /start command

Verification

  • hermes status — all ✓
  • Send test message to bot — it responds
  • Learning enabled: hermes config show | grep learn
  • Memory directory exists: ls ~/.hermes/memory/

Team Onboarding

  • Share bot invite link with team
  • Document which channels/servers Hermes monitors
  • Create brief “how to use Hermes” doc for team
  • Set expectations: it gets smarter over time, not immediately
Pro tip: Run as a service

Use systemd or screen to keep Hermes running after you disconnect:

bash
# Quick: run in background with screen
screen -S hermes
hermes
# Press Ctrl+A, D to detach

Checklist 3: Production Security (Before Go-Live)

Run through this before exposing Hermes to real users or sensitive data.

Secrets & Credentials

  • All tokens in environment variables (zero hardcoded in config files)
  • .env file has chmod 600 permissions
  • API keys not in version control (.gitignore includes .env)
  • Separate API keys for dev and production
  • Key rotation schedule documented (recommend: 90 days)

Network Security

  • Hermes server NOT directly exposed to public internet
  • Platform webhooks (Discord/Slack/Telegram) go through firewall only
  • SSH access via key pairs only (password auth disabled)
  • Unused ports closed on firewall
  • Internal-only access if possible (VPN or private network)

Data & Privacy

  • Home directory encrypted (BitLocker / FileVault / LUKS)
  • Hermes memory directory permissions: chmod 700 ~/.hermes
  • Understand what conversations Hermes logs
  • Data retention policy defined and documented
  • GDPR/privacy compliance reviewed (if applicable)

Platform Token Security

  • Discord bot permissions set to minimum (not “Administrator”)
  • Slack app scopes reviewed — remove anything not needed
  • Token invalidation process documented (what to do if leaked)
  • Monitoring in place for unexpected bot activity

Monitoring & Logging

  • Logs enabled: log_level: "info" in config
  • Log file writable and rotating: logrotate configured
  • Alerts set up for errors (email/Slack notification)
  • API usage monitoring in place (watch for unexpected spikes)

Incident Response

  • Know how to revoke/rotate all tokens (documented)
  • Know how to audit Hermes memory: ls ~/.hermes/skills/
  • Emergency stop process documented: pkill hermes
  • Team contact list for security incidents

Final Verification

  • Run hermes status — all green
  • Test all connected platforms respond correctly
  • Review ~/.hermes/skills/ — no unexpected skill files
  • Check logs are clean: tail -50 ~/.hermes/logs/hermes.log
Before opening to external users

Always complete the full security checklist. The biggest risks are leaked bot tokens and over-privileged bot permissions. Both are easy to prevent and painful to recover from.


Quick Diagnostic Commands

Paste these whenever something seems off:

bash
# Overall status
hermes status

# Check LLM connection
hermes test-llm

# View all platform connections
hermes config show

# Check memory size
du -sh ~/.hermes/memory/

# Last 50 log lines
tail -50 ~/.hermes/logs/hermes.log

# List all learned skills
ls ~/.hermes/skills/

# Follow logs in real-time
tail -f ~/.hermes/logs/hermes.log

Share_This Twitter / X
Darsh Jariwala
Written By

Darsh Jariwala

Full-stack developer and Developer Experience (DX) advocate. Passionate about building efficient workflows, mastering IDEs, and sharing technical insights that help developers work smarter.

Enjoyed this article?

Support MeshWorld and help us create more technical content