Your own AI agent.
On a server you control.
One command turns a fresh Hetzner box into the Nous Research Hermes agent — hardened, running as a service, and reachable from your phone over Telegram. Bring your own model (OpenRouter, Codex, Claude, Gemini, local…). Inbound firewall 100% closed; the agent talks out, nothing listens in. Not a wrapper, not a SaaS — it's yours.
Field-validated end-to-end on a fresh Hetzner CX33 — see it live →The agent everyone wants — without renting it from anyone.
Hosted AI assistants run on someone else's machine, see all your data, and bill by the month forever. Hermes📦 puts the open Nous Hermes agent on a box you own: your VPS, your model keys, your data, your rules. We don't build the agent — Nous does. We harden the box, wire it up safely, and make it a one-command install. You can read every line.
Two ways to get a personal AI agent on a server.
Both end with a bot you can message from your phone. Only one of them is still standing at midnight.
By hand
- Harden Ubuntu, fight ufw, lock yourself out, rebuild
- Install Hermes — then chase the lazy-install that won't write a root-owned venv
- Telegram bot silently 409s: two pollers on one token
- Model set to "auto" → silently falls back to a provider you didn't pick
- Gateway dies on reboot; you don't notice for days
- It's an exposed agent on an open box and you're not sure what it can reach
A weekend, and a bot you don't trust.
With Hermes📦
- Run
hermes.sh— hardened box, deadman-protected lockdown - Hermes owned by an unprivileged user → deps self-heal like a local install
- Single clean gateway; Telegram works over an outbound poll, no open ports
- Concrete model pinned; safe defaults (approvals, SSRF guard, allowlist)
- systemd service: starts on boot, restarts itself
- Message your bot. ~10 minutes.
An agent you own, and trust.
What's in the box.
One private GitHub repo. Lifetime access. MIT-licensed scripts. Hermes itself stays Nous's — you hermes update on their cadence.
Idempotent bash. Hardens the box and wires Hermes in, with a deadman timer that makes lockout physically impossible.
Owned by an unprivileged hermes user so its runtime deps + any provider SDK self-install — exactly like a local setup.
The gateway runs as a systemd service over an outbound long-poll. Talk to your agent from your phone; nothing listens inbound.
Guided provider setup: OpenRouter, Codex/ChatGPT, Claude, Gemini, Nous Portal, local Ollama — 40+ options. Your keys, your bill.
Bake a Hetzner snapshot, spin a box in ~40s. Repeatable, disposable infrastructure.
Runs as non-root; approvals=smart bounces risky commands to you on Telegram; SSRF guard; strict allowlist.
A CLAUDE.md runbook so your own coding agent drives Packer + Terraform + setup, pausing at safety gates.
Full walkthrough — provider choice, Telegram reliability, the Docker-isolation upgrade, recovery. Honest about the sharp edges.
What it costs to actually run.
We mark up none of it. Bring your own accounts.
| Service | Role | Cost |
|---|---|---|
| Hetzner CX33 (8 GB) | The VPS the agent runs on | ~$16/mo |
| ↳ or CAX21 (8 GB ARM) | cheaper option | ~$8/mo |
| Your LLM provider | The model Hermes uses | your key / plan |
| Tailscale | Private SSH mesh | free |
| Cloudflare | Optional web-dashboard tunnel | free |
| The box | ~$8–16/month | |
Pricing.
One-time. Lifetime updates. FOUNDERS40 for 40% off — first 50 buyers only.
Standard
FOUNDERS40- Everything in the kit
- Lifetime private-repo access
- All updates pushed (
git pull) - MIT-licensed scripts
Pro
FOUNDERS40- Everything in Standard
- Buyer Discord access
- Priority bug-fix response (48h)
- 30 min async 1:1 setup help
- Proactive breaking-change pings
14-day refund if you can't make it work. I'll try to help you debug first.
Who's this for?
You'll love it if
- You want a personal AI agent you actually own and control
- You'd rather pay your model provider directly than rent an assistant
- You want to reach your agent from your phone, anywhere, over Telegram
- You care that it's hardened and you can read every line
Skip it if
- You're happy with a hosted assistant and don't want a server
- You won't run a ~$8–16/mo VPS or bring your own model
- You need a turnkey GUI app, not an SSH-and-Telegram box
- You want zero-maintenance — Hermes is young and moves fast
FAQ.
Is this affiliated with Nous Research?
No. Hermes is Nous Research's open agent; Hermes📦 is an unaffiliated installer that sets it up securely on your own box. Not endorsed by Nous.
Do I have to pay for a model separately?
Yes — bring your own. Hermes📦 is provider-agnostic: an OpenRouter key, a Codex/ChatGPT or Claude subscription, Gemini, Nous Portal, or a local model all work. You pay your provider directly; we don't touch it.
Is it safe to run an agent reachable from the internet?
Telegram is locked to your allowlist and rides an outbound poll — nothing listens inbound, SSH is Tailscale-only. The agent runs as a non-root user with smart approvals and an SSRF guard; the real boundary is that it's a disposable, single-purpose box. The GUIDE documents an optional Docker-sandbox upgrade.
Is it actually tested, or just docs?
Field-validated end-to-end on a fresh Hetzner CX33 + Ubuntu 26.04: bake → provision → lockdown → Hermes install → systemd gateway → a real reply over Telegram. Seven empirical bugs were caught and fixed on real hardware (the GUIDE lists them).
Does it work on other VPS providers?
The hermes.sh path works on any fresh Ubuntu 24.04 / 26.04 box with root SSH. Packer + Terraform target Hetzner specifically; adapting them is straightforward but not pre-built.
Refunds?
14-day, no-questions. I'll try to help you debug first.
Stop renting the agent. Own it.
The Nous Hermes agent, on a hardened box you control, reachable from your phone — in ~10 minutes. FOUNDERS40 = 40% off, first 50 buyers.
🥞 Shipping side projects, not running an agent? Vibebox — a hardened, agent-ready dev box (Claude Code, Cloudflare tunnel, real backups) in ~5 minutes.