Run Hermes in Docker — Sandboxed Command Execution
Configure Hermes Agent to execute terminal commands inside isolated Docker containers for security and reproducibility.
The Docker backend runs every terminal command inside an isolated container. The agent cannot reach your host filesystem, API keys, or system files unless you explicitly mount or forward them. This suits untrusted tasks, CI/CD pipelines, or any situation where you want a reproducible environment.
Before you start:
- Hermes Agent installed
- Docker installed and running
- Sufficient disk space for container images (~2GB)
Steps
1. Install Docker: ensure Docker is installed and running with docker --version
2. Set the terminal backend: in config.yaml, set terminal: backend: docker
3. Choose a container image: set terminal: docker_image: nikolaik/python-nodejs:python3.11-nodejs20
4. Configure resource limits: set container_cpu, container_memory, and container_disk under the terminal section
5. Enable persistence (optional): set terminal: container_persistent: true to keep the filesystem across sessions
6. Mount your working directory: set terminal: docker_mount_cwd_to_workspace: true to access local files
Pro Tips
- 💡The default image nikolaik/python-nodejs includes Python 3.11 and Node.js 20 — covers most development tasks
- 💡Use docker_forward_env to pass specific environment variables into the container (e.g., GITHUB_TOKEN)
- 💡Set container_persistent: false for ephemeral sandboxes that reset after each session
- 💡Resource limits prevent runaway processes: container_memory: 5120 (5GB), container_cpu: 2
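The settings from the steps and pro tips above, collected into one config.yaml. This is an added example, not a file shipped with Hermes Agent: every key is nested under terminal following the terminal: backend: docker notation used above, the memory and CPU values are the ones quoted in the pro tips, while the list form of docker_forward_env and the container_disk value are assumptions.

```yaml
# config.yaml (added example; key nesting and list syntax are assumed)
terminal:
  backend: docker
  docker_image: nikolaik/python-nodejs:python3.11-nodejs20

  # Resource limits, so a runaway process cannot exhaust the host.
  container_cpu: 2          # CPU cores
  container_memory: 5120    # MB (5 GB), value from the pro tips
  container_disk: 10240     # MB, constructed value for this example

  # false: a fresh container every session, nothing persists (sandbox default).
  # true: keep the filesystem across sessions to skip environment setup.
  container_persistent: false

  # Mounts the current directory at /workspace inside the container.
  # This is the one place the container touches the host filesystem.
  docker_mount_cwd_to_workspace: true

  # Host environment variables copied into the container.
  # Keep this list as short as possible; list syntax is an assumption.
  docker_forward_env:
    - GITHUB_TOKEN
```

Two of these keys deliberately open holes in the isolation described at the top of the page: docker_mount_cwd_to_workspace exposes the host directory at /workspace, and docker_forward_env copies host secrets such as GITHUB_TOKEN into a container that may be running untrusted commands. For untrusted tasks, leave the forward list empty and persistence off so nothing survives the session; enable them only for trusted development work where the agent genuinely needs the files or credentials.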
Troubleshooting
❌ Docker commands fail with permission denied
✅ Add your user to the docker group: sudo usermod -aG docker $USER, then log out and back in.
❌ Container can't access local files
✅ Set docker_mount_cwd_to_workspace: true in config.yaml. This mounts your current directory to /workspace inside the container.
❌ Container runs out of disk space
✅ Increase container_disk (in MB) or run docker system prune to clean up old images and containers.
❌ Commands are slow to start
✅ The first run pulls the image, which takes time. Subsequent runs use the cached image. Use container_persistent: true to avoid repeating environment setup on each session.