Hermes Agent Setup Checklists: Personal, Team & Production

Three checklists. One for personal setup, one for team deployment, one for production security. Print them, bookmark them, run through them.

Checklist 1: Personal Setup (15 Minutes)

Getting Hermes running on your own machine for the first time.

Prerequisites

Machine has 4GB+ RAM (8GB recommended)
2GB+ free disk space
Running Linux, macOS, or WSL2
Terminal open and ready

Installation

Run install script: curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash
Verify install: hermes --version returns a version number
If “command not found”: run source ~/.bashrc or restart terminal

Initial Setup

Run hermes setup and complete wizard
Choose LLM provider (Ollama for free local, or paste an API key)
If using Ollama: confirm ollama serve is running in another terminal
Run hermes status — all checks show ✓

First Test

Run hermes to enter interactive CLI
Ask it something: What is Hermes Agent?
Got a response? ✅ You’re done

Optional: Connect a Platform

Choose one: Discord, Slack, or Telegram
Get bot token (see Platform Guide)
Run hermes setup again, add platform
Send a message to the bot — it replies ✅

Stuck?

Run hermes status first. It tells you exactly what’s broken. Then check the Troubleshooting Guide.

Checklist 2: Team Deployment (1 Hour)

Setting up Hermes for a team of 2–50 people with Discord or Slack.

Infrastructure

Server/VPS provisioned (4+ vCPU, 16GB RAM recommended)
SSH access confirmed
Firewall rules set (only allow required ports)
Domain/IP decided for Hermes server

Installation on Server

Connect via SSH
Run Hermes install script
Verify: hermes --version
Run hermes setup wizard on server

LLM Backend

Decided: Ollama (free) or cloud API (paid)?
If Ollama: installed and ollama serve running
If Ollama: model downloaded (ollama pull mistral)
If cloud API: API key set in environment variable
Test LLM: hermes test-llm passes

Platform Setup

Chosen primary platform: Discord / Slack / Telegram
Bot created and token obtained
Token stored in .env file (not hardcoded in config)
File permissions set: chmod 600 ~/.hermes/.env
Bot connected: hermes setup → platform config
Bot visible in platform (Discord server / Slack workspace / Telegram)

Permissions

Discord: Bot has “Send Messages” + “Read Message History” in channels
Slack: Bot scopes set correctly in Slack App settings
Telegram: Bot started with /start command

Verification

hermes status — all ✓
Send test message to bot — it responds
Learning enabled: hermes config show | grep learn
Memory directory exists: ls ~/.hermes/memory/

Team Onboarding

Share bot invite link with team
Document which channels/servers Hermes monitors
Create brief “how to use Hermes” doc for team
Set expectations: it gets smarter over time, not immediately

Pro tip: Run as a service

Use systemd or screen to keep Hermes running after you disconnect:

bash

# Quick: run in background with screen
screen -S hermes
hermes
# Press Ctrl+A, D to detach

Checklist 3: Production Security (Before Go-Live)

Run through this before exposing Hermes to real users or sensitive data.

Secrets & Credentials

All tokens in environment variables (zero hardcoded in config files)
.env file has chmod 600 permissions
API keys not in version control (.gitignore includes .env)
Separate API keys for dev and production
Key rotation schedule documented (recommend: 90 days)

Network Security

Hermes server NOT directly exposed to public internet
Platform webhooks (Discord/Slack/Telegram) go through firewall only
SSH access via key pairs only (password auth disabled)
Unused ports closed on firewall
Internal-only access if possible (VPN or private network)

Data & Privacy

Home directory encrypted (BitLocker / FileVault / LUKS)
Hermes memory directory permissions: chmod 700 ~/.hermes
Understand what conversations Hermes logs
Data retention policy defined and documented
GDPR/privacy compliance reviewed (if applicable)

Platform Token Security

Discord bot permissions set to minimum (not “Administrator”)
Slack app scopes reviewed — remove anything not needed
Token invalidation process documented (what to do if leaked)
Monitoring in place for unexpected bot activity

Monitoring & Logging

Logs enabled: log_level: "info" in config
Log file writable and rotating: logrotate configured
Alerts set up for errors (email/Slack notification)
API usage monitoring in place (watch for unexpected spikes)

Incident Response

Know how to revoke/rotate all tokens (documented)
Know how to audit Hermes memory: ls ~/.hermes/skills/
Emergency stop process documented: pkill hermes
Team contact list for security incidents

Final Verification

Run hermes status — all green
Test all connected platforms respond correctly
Review ~/.hermes/skills/ — no unexpected skill files
Check logs are clean: tail -50 ~/.hermes/logs/hermes.log

Before opening to external users

Always complete the full security checklist. The biggest risks are leaked bot tokens and over-privileged bot permissions. Both are easy to prevent and painful to recover from.

Quick Diagnostic Commands

Paste these whenever something seems off:

bash

# Overall status
hermes status

# Check LLM connection
hermes test-llm

# View all platform connections
hermes config show

# Check memory size
du -sh ~/.hermes/memory/

# Last 50 log lines
tail -50 ~/.hermes/logs/hermes.log

# List all learned skills
ls ~/.hermes/skills/

# Follow logs in real-time
tail -f ~/.hermes/logs/hermes.log

Hermes Agent Setup Checklists: Personal, Team & Production

Checklist 1: Personal Setup (15 Minutes)

Checklist 2: Team Deployment (1 Hour)

Checklist 3: Production Security (Before Go-Live)

Quick Diagnostic Commands

What to Read Next

Related Articles

Hermes Agent Config Templates: 5 Copy-Paste Ready Setups

Install Hermes Agent in 15 Minutes: Complete Setup Guide

Advanced Hermes Agent: Optimization, Scaling & Learning Loop Tuning