Hermes Agent Vultr Marketplace — Packer Image Build

One-shot install for Hermes Agent on Ubuntu 24.04 with Vultr Inference, ttyd, code-server, Docker, Caddy, and Homebrew.

Architecture

Bare-metal install via Packer → Vultr snapshot.

File layout

├── Jenkinsfile              # Pipeline: validate → install packer → init → build
├── hermes.pkr.hcl           # Packer HCL template (Vultr plugin)
├── scripts/
│   ├── provision.sh         # Bake-time: system deps, hermes, docker, caddy, ttyd
│   └── cloud-init.yaml      # Deploy-time: metadata fetch, config, caddy TLS
├── install-hermes.sh        # Standalone installer (for manual deploys)
└── README.md

Bake-time (Packer snapshot)

Everything slow and static:

• apt packages (build-essential, curl, git, jq, python3-venv, zsh, ttyd, …)
• Hermes Agent from GitHub (v0.7.0)
• Docker CE
• Caddy (disabled until configured)
• code-server
• Oh My Zsh + Homebrew
• UFW with ssh/http/https/7681/8080 allowed
• Dedicated hermes system user with ~/.hermes/ pre-created
• ttyd and code-server systemd services created

Deploy-time (cloud-init)

Per-instance secrets and activation:

1. Fetch app-password, app-inf_api_key, app-domain from Vultr metadata
2. Write /home/hermes/.hermes/.env with Vultr Inference API key
3. Write /home/hermes/.hermes/config.yaml with model/provider config
4. Configure code-server with password
5. Start ttyd and code-server services
6. Write /etc/caddy/Caddyfile with domain, ZeroSSL TLS, basic auth
7. Start Caddy and wait for cert issuance
8. Shred the temp env file

Access URLs (after deploy)

• Hermes Terminal: https://your-domain.com/ (via ttyd)
• VS Code: https://your-domain.com/code/
• Basic Auth: Username hermes, password from Vultr metadata

Jenkins parameters

Parameter	Default	Description
HERMES_VERSION	v0.7.0	Hermes Agent git tag
VULTR_REGION	ewr	Build region
VULTR_PLAN	vc2-2c-4gb	Build instance size
VULTR_OS_ID	2284	Ubuntu 24.04 LTS

Credentials needed in Jenkins

Credential ID	Type	Purpose
VULTR_API_KEY	Secret text	Vultr API key for Packer to provision + snapshot

Vultr Marketplace Metadata Variables

Configure these in the Vultr marketplace app:

Variable	Description
app-password	Password for basic auth and code-server
app-inf_api_key	Vultr Inference API key
app-domain	Domain for TLS certificate

Available Models (Vultr Inference)

Model ID	Context	Notes
zai-org/GLM-5-FP8	200K	Default, reasoning-capable
deepseek-ai/DeepSeek-V3.2	128K	Reasoning-capable
google/gemma-4-31B-it	256K	Reasoning-capable
Qwen/Qwen2.5-Coder-32B-Instruct	131K	Code-focused
MiniMaxAI/MiniMax-M2.5	128K	General purpose
moonshotai/Kimi-K2.5	128K	General purpose

Manual Installation

For manual deploys without Packer, use the standalone installer:

# Without domain (HTTP only)
curl -fsSL https://raw.githubusercontent.com/.../install-hermes.sh | bash

# With domain (HTTPS via Caddy)
curl -fsSL https://raw.githubusercontent.com/.../install-hermes.sh | bash -s -- your-domain.com

Services

Service	Port	Description
ttyd-hermes	7681	Hermes terminal (web)
code-server-hermes	8080	VS Code (web)
caddy	80/443	Reverse proxy with auto-HTTPS
docker	-	Container runtime

Notes

• ttyd runs as root, drops privileges to hermes user via -u/-g flags
• code-server runs as hermes user
• Homebrew installed at /home/linuxbrew/.linuxbrew
• HOME and PATH environment variables set in systemd services for brew compatibility
• Caddyfile uses ZeroSSL primary (avoids LE rate limits), Let's Encrypt fallback