About Hosting aiexperts-hermes-agent

Hosting runs the official nousresearch/hermes-agent Docker image — pinned to a content digest so every boot is reproducible — on a single Railway service. A secure-start.sh entrypoint boots the Hermes gateway and dashboard on internal loopback ports, then fronts them with a Caddy reverse proxy on the public $PORT that enforces bcrypt HTTP basic auth, so nothing is reachable without a login. The same proxy exposes a /files web file browser and a /dav WebDAV mount, both confined to a single web-served share/ folder. All state — agent config, the seeded SOUL.md identity, sessions, OAuth tokens, skills, and cron — persists to a Railway volume at /opt/data, and the agent runs from that writable volume so its first file write never hits the read-only app install. Inbound /webhooks/* traffic skips basic auth (guarded instead by long random path tokens and optional HMAC signature checks) so external services can POST events straight to the agent.

Common Use Cases

• Standing up a private, login-protected AI agent — dashboard, chat, sessions, and analytics — for a person or team without exposing anything publicly
• Wiring inbound webhooks (e.g. AgentMail message.received) to trigger autonomous agent actions like reading and replying to email
• Loading a private organization skills library alongside the ~90 public skills bundled in the Hermes image, and sharing generated files with a teammate via a clean download link

Dependencies for aiexperts-hermes-agent Hosting

• The upstream nousresearch/hermes-agent Docker image (s6-overlay v3 based)
• A Railway persistent volume mounted at /opt/data
• Caddy (auto-downloaded to the volume on first boot to run the auth proxy; cached for fast restarts)
• Optional: filebrowser and rclone (auto-downloaded the same way) to power /files and /dav

Deployment Dependencies

• Hermes Agent: https://github.com/NousResearch/hermes-agent
• Caddy: https://caddyserver.com/
• Docker image: https://hub.docker.com/r/nousresearch/hermes-agent
• Optional file tooling: filebrowser (https://github.com/filebrowser/filebrowser), rclone WebDAV (https://rclone.org/)

Deploy and Host:

1. Fork or push this repo, then create a Railway service from it.
2. Attach a persistent volume mounted at /opt/data.
3. Set DASHBOARD_USER and DASHBOARD_PASSWORD (and, to load private skills, SKILLS_REPO_URL + SKILLS_REPO_TOKEN).
4. Deploy. First boot downloads Caddy (~40 MB) to the volume and caches it; the agent boots with a default identity and a secure login already in front of it.

About Hosting

On first boot the service is self-configuring: it generates a dashboard password if you didn't set one (printed once to the logs), seeds a generic SOUL.md and USER.md so the agent has an identity and knows to ask who it works for, and creates the web-served share/ folder. Edits you or the agent make to those files are never overwritten on redeploy, so the deployment grows into yours over time.

Why Deploy

Railway is a singular platform to deploy your infrastructure stack. Railway will host your infrastructure so you don't have to deal with configuration, while allowing you to vertically and horizontally scale it.

By deploying aiexperts-hermes-agent on Railway, you are one step closer to supporting a complete full-stack application with minimal burden. Host your servers, databases, AI agents, and more on Railway.