⚡ Hermes Home 1 · Run the server 2 · Make it reachable 3 · Connect your app Ecosystem Troubleshooting 🧠 ELI5 — What is Hermes? 🤖 Best Models 🌎 Community
Setup guide

Hermes, on every device

Run one server. Connect a native app from your laptop, your phone, or any browser. Your sessions, memory, and agent travel with you.

Step 1

Run the server

One clone, one command. This is the brain — your data and agent live here.
Step 2

Connect an app

Install a client on each device and point it at your server. Done.

How it fits together. Hermes WebUI is a full Hermes backend — one server holding your conversations, memory, scheduled jobs, workspace, and the whole Hermes Agent. Every app below is a client that connects to that server, so the same Hermes follows you across devices. Set the server up once, then connect as many clients as you want.

1 Run the server

Stand up Hermes WebUI

On any machine you control — macOS, Linux, or Windows via WSL2 — with Python 3.11+ and git. The bootstrap finds or installs Hermes Agent, sets up the environment, and walks you through first-run onboarding.

bash — one-liner
curl -fsSL https://get-hermes.ai/install.sh | bash

Clones the Web UI to ~/hermes-webui, installs Hermes Agent if it's missing, and starts the server on 127.0.0.1:8787. Safe to re-run to update. Open that URL in any browser and the full Web UI is there. To relaunch later, run ./start.sh.

Install manually, or set up Hermes Agent yourself

Prefer to read the script first? View install.sh. Or clone & start by hand:

bash — manual
git clone https://github.com/nesquena/hermes-webui.git
cd hermes-webui
python3 bootstrap.py

Need Hermes Agent first?

Hermes WebUI runs on the Hermes Agent. The one-liner installs it automatically if it's missing — or set it up directly:

bash — install Hermes Agent
curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash
source ~/.bashrc      # reload your shell
hermes model          # choose your LLM provider

Full walkthrough: the Hermes installation guide →

Set a password before you expose it

Auth is off by default on localhost. Before putting the server on a network (Step 2), set a password — in the Web UI's Settings panel, or inline:

bash — start with a password
HERMES_WEBUI_PASSWORD=your-secret ./start.sh

Verify it's running

bash — health check
curl http://127.0.0.1:8787/health
That's the whole server. If you only use Hermes in a browser on this same machine, you're done — open http://127.0.0.1:8787 and start. To reach it from your phone or another computer, keep going.
2 Make it reachable

Reach your server from anywhere

On the same machine, 127.0.0.1:8787 already works — skip ahead. To connect from another device (your phone, a second laptop) or to a server in the cloud (a VPS), give it an address those devices can reach. Pick one path:

Tailscale Easiest

Tailscale puts your devices on one private network — nothing is exposed to the internet. Install on both, sign into the same tailnet, then bind the server to all interfaces:

on the server
HERMES_WEBUI_HOST=0.0.0.0 \
HERMES_WEBUI_PASSWORD=secret ./start.sh
tailscale ip -4   # your 100.x address

SSH tunnel For a VPS

Already SSH into a remote box or VPS? Forward the port over your existing SSH connection — no extra software, nothing public. Run this on your local machine:

on your laptop
ssh -L 8787:localhost:8787 \
    you@your-server

Now http://127.0.0.1:8787 on your laptop reaches the remote server.

Cloudflare Public HTTPS

Cloudflare Tunnel dials out from your machine — no port-forwarding, real HTTPS at a public hostname.

on the server
brew install cloudflared
cloudflared tunnel \
  --url http://localhost:8787

Prints a public trycloudflare.com URL. Your password is required here.

3 Connect your app

Get a client on every device

Each app is a thin native client for the server you just stood up. Install it, enter your server URL, sign in — and your Hermes is there. Run as many as you like; they all share one backend.

You're on your device — we floated the best app to the front.
You
Web
Any browser · zero install
The Web UI ships inside the server. Open your server URL in any browser, desktop or mobile, and you're in.
Open your server URL You
Windows
Native desktop app
A fast native desktop app with tabs, tray, and window management. Grab the latest installer.
Download from Releases You
Linux
Native desktop app
The same cross-platform Rust desktop app, packaged for Linux. Download the latest build.
Download from Releases You
macOS
Native Swift app
A polished native macOS client built in Swift — menu bar, notifications, the works. Download the .dmg.
Download from Releases You
iOS
iPhone & iPad · App Store
Hermex is a native iOS client — your server URL lives in the Keychain, and Hermes is a tap away. Free on the App Store.
Download on the App Store You
Android
Native app · early access
A native Android client for Hermes WebUI. Grab the latest APK from releases — Play Store listing soon.
Download from Releases

Which URL do I enter?

In any app, tap where it asks for your Server URL, enter the address that matches where you're connecting from, then sign in with your password. The web client uses the same URLs in your browser's address bar.

Connecting fromServer URL to enter
Same machine as the serverhttp://127.0.0.1:8787
Another device on yourhome / office network (LAN)http://<server-local-ip>:8787
Anywhere, via Tailscalehttp://<tailscale-100.x-ip>:8787
A VPS, via SSH tunnelhttp://127.0.0.1:8787 (once the tunnel from Step 2 is open)
Anywhere, via Cloudflarehttps://your-hostname
Most people on a phone use their Tailscale address or Cloudflare hostname — 127.0.0.1 only works on the same machine as the server. After entering the URL, tap Test Connection, then sign in. Your URL is stored on-device; your data stays on your server.

Extend & explore

Hermes WebUI is an open ecosystem — add extensions, and see how the whole thing is maintained.

Extensions library

A growing set of extensions that add to your Web UI — install the ones you want, or build your own.

Browse extensions

StewardOS

WebUI is maintained by Hermes agents. The open framework behind that whole operation is documented here.

Read StewardOS

Troubleshooting

An app can't reach the server

Work outward. On the server, run curl http://127.0.0.1:8787/health. If that's fine, open your Tailscale or Cloudflare URL in another device's browser. Whichever hop fails is the one to fix — and remember 127.0.0.1 only works on the server's own machine.

I'm on my phone — what URL do I use?

Not 127.0.0.1 — that points the phone at itself. Use your server's Tailscale address (http://100.x.x.x:8787) or your Cloudflare hostname (https://…). See the "Which URL do I enter?" table above.

My server is a VPS in the cloud

Two clean options: open an SSH tunnel (ssh -L 8787:localhost:8787 you@vps) and connect to http://127.0.0.1:8787 locally, or run Cloudflare Tunnel on the VPS for a public HTTPS hostname you can use from any device. Avoid exposing port 8787 directly to the internet.

The Cloudflare tunnel URL stopped working

Quick tunnels (trycloudflare.com) get a new URL each restart. For a stable hostname, create a named tunnel on a domain you've added to Cloudflare, and keep cloudflared running.

Sign-in keeps failing

The password in your app must match HERMES_WEBUI_PASSWORD on the server (or the one set in Settings). An inline variable only applies to that launch — persist it in the server's .env for restarts.

Port 8787 is already taken

Start on another port with HERMES_WEBUI_PORT=8788 ./start.sh, and use that port everywhere — your client URL, the tunnel command, and the SSH forward.

Ready to go everywhere?

Run the server, connect your apps, take Hermes with you.

Get Hermes WebUI → Back to home