T-Gander/ProxmoxVEDHelperScripts
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
adbfd66056a257d40b4936db687860b4872df1be
ProxmoxVEDHelperScripts/ct/hermes-agent.sh
Stephen Chin adbfd66056 feat: add Hermes Agent LXC 
Adds container scripts for Hermes Agent (Nous Research), a self-improving
AI agent with LLM provider integration, terminal execution, web browsing,
and multi-platform messaging support.

Files:
- ct/hermes-agent.sh
- install/hermes-agent-install.sh
- json/hermes-agent.json
- ct/headers/hermes-agent

Deviations from standard patterns (justified):

1. Uses upstream installer (curl-pipe) instead of fetch_and_deploy_gh_release:
   Hermes is a uv-managed Python application with complex dependency
   resolution, virtualenv management, and binary placement—not a single
   binary or tarball from GitHub Releases.

2. Dedicated 'hermes' service user (not running as root):
   The agent executes arbitrary terminal commands on behalf of the user.
   Running as root would give the AI unrestricted system access. This
   follows the protonmail-bridge service-user pattern for isolation.

3. Dashboard (port 9119) bound to localhost only, requiring SSH tunnel:
   The web UI provides admin access to an AI that can execute commands.
   SSH tunnel provides an authentication/authorization boundary.

4. /usr/bin/hermes shim script:
   The hermes CLI validates cwd permissions; running 'hermes' as root
   from /root fails. The shim cd's to /home/hermes and exec's as the
   hermes user via runuser.

5. setsid --wait wrapping of upstream installer:
   The upstream installer probes /dev/tty for interactive prompts even
   with --skip-setup; setsid detaches the controlling terminal.
2026-05-02 06:25:28 -07:00

69 lines
2.0 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
# Copyright (c) 2021-2026 community-scripts ORG
# Author: Stephen Chin (steveonjava)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://hermes-agent.nousresearch.com/
APP="Hermes Agent"
var_tags="${var_tags:-ai;automation;agent}"
var_cpu="${var_cpu:-2}"
var_ram="${var_ram:-4096}"
var_disk="${var_disk:-20}"
var_os="${var_os:-debian}"
var_version="${var_version:-13}"
var_unprivileged="${var_unprivileged:-1}"
header_info "$APP"
variables
color
catch_errors
function update_script() {
header_info
check_container_storage
check_container_resources
if [[ ! -x /home/hermes/.local/bin/hermes ]]; then
msg_error "No ${APP} Installation Found!"
exit
fi
msg_info "Stopping Services"
systemctl stop hermes-dashboard
systemctl stop hermes-gateway
msg_ok "Stopped Services"
msg_info "Updating ${APP}"
$STD env \
HOME=/home/hermes \
HERMES_HOME=/home/hermes/.hermes \
/home/hermes/.local/bin/hermes update
chown -R hermes:hermes /home/hermes
msg_ok "Updated ${APP}"
msg_info "Starting Services"
systemctl start hermes-gateway
systemctl start hermes-dashboard
msg_ok "Started Services"
msg_ok "Updated successfully!"
exit
}
start
build_container
description
msg_ok "Completed successfully!\n"
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
echo -e "${INFO}${YW} Connect via SSH and configure your LLM provider:${CL}"
echo -e "${TAB}${GATEWAY}${BGN}ssh hermes@${IP}${CL}"
echo -e "${TAB}${BGN}hermes setup${CL}"
echo -e "${INFO}${YW} API Server (OpenAI-compatible):${CL}"
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8642/v1${CL}"
echo -e "${INFO}${YW} API key stored at:${CL}"
echo -e "${TAB}${BGN}/home/hermes/.hermes/.env${CL}"
echo -e "${INFO}${YW} Web Dashboard (via SSH tunnel):${CL}"
echo -e "${TAB}${BGN}ssh -L 9119:localhost:9119 hermes@${IP}${CL}"
echo -e "${TAB}${BGN}Then open: http://localhost:9119${CL}"
Reference in New Issue View Git Blame Copy Permalink