ESIIL / OASIS

Hermes Container

Hermes Container is an ESIIL/OASIS research appliance for running Hermes in a reproducible, authorized, workspace-aware container.

GitHub is the control plane. The repo is memory. The container is runtime. The filesystem and GitHub panels make the runtime inspectable, and the Verde authorization model keeps deployment credentials out of the codebase.

Start Here First 10 Minutes Build and Run Secrets and Authorization

Why Hermes

A practical research appliance

Hermes is not just a chat wrapper. It gives teams a bounded runtime, a mounted workspace, a visible filesystem, safe GitHub controls, and reproducible startup paths that can be smoke-tested locally and in CI.

Agent Interface

Use the Hermes workbench with safe auth status and workspace context.

Open the gateway

Filesystem

Browse `/workspace`, outputs, docs, and mounted storage without exposing secrets.

Inspect files

GitHub Integration

Treat approved repositories as project memory and a bounded control plane.

Manage repos

Verde API

Authorize Verde-backed model routes using the same secrets contract as the container runtime.

Configure models

Workspace Model

Keep runtime, memory, and outputs legible

Project Workspaces

Understand how the mounted workspace holds active project context and connected repos.

Organize work

Data Layout

See where repo files, generated outputs, storage roots, and secret locations belong.

Place files well

Runtime State

Understand `HERMES_STATE_DIR`, multi-instance launches, and safe runtime-root fallbacks.

Operate safely

Validation

Verify before you trust

Build and Run

Build the image, launch the stack, and start isolated additional instances.

Run locally

Smoke Tests

Validate docs, scripts, filesystem integration, GitHub safety checks, and demo workflow outputs.

Test the appliance

Troubleshooting

Recover from common problems with ports, auth, branding refreshes, and runtime state.

Recover quickly