Installation Guide

Deploy your AI agent

Run Hermes or OpenClaw two ways: fully managed in about 30 seconds, or self-hosted with full control. Pick your path.

Recommended

Managed by AgentOcean

We provision a dedicated VPS, install your agent, configure HTTPS, and keep it updated and backed up. Zero setup.

  • Live in ~30 seconds
  • Automatic updates & daily backups
  • HTTPS + custom domain, managed
  • 24/7 monitoring
View plans & pricing

Self-hosted

Run it yourself on your own server for full control. You handle setup, updates, and maintenance.

What you'll need

  • A VPS — Ubuntu 22.04+, 2 GB RAM
  • Node.js 18+ (or Docker)
  • Your AI provider API key (BYOK)
Read the self-host guide ↓

Self-host it yourself

1 · Pick your agent & install

Choose which agent to run, then install it on your machine or server.

Hermes is the self-improving agent by Nous Research — memory, skills, and multi-platform messaging built in.

git clone https://github.com/NousResearch/hermes-agent.git
cd hermes-agent
pnpm install
cp .env.example .env   # add ANTHROPIC_API_KEY or OPENROUTER_API_KEY
pnpm start

2 · Production setup

Run it as a managed service behind HTTPS. Steps below use OpenClaw; Hermes follows the same pattern with its own start command.

1

Provision a VPS

Get a VPS with Ubuntu 22.04+ and at least 2 GB RAM. SSH in as root or a sudo user.

ssh root@your-server-ip
2

Install Node.js and pnpm

Install Node.js 18+ and pnpm package manager.

# Install Node.js 22.x
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt install -y nodejs

# Install pnpm
corepack enable
corepack prepare pnpm@latest --activate

# Verify
node --version && pnpm --version
3

Install OpenClaw

Install OpenClaw globally via pnpm.

pnpm add -g openclaw
4

Generate gateway token and configure

Generate a secure token and create the OpenClaw config with remote access enabled.

# Generate a gateway token
GATEWAY_TOKEN=$(openssl rand -hex 32)
echo "Your gateway token: $GATEWAY_TOKEN"

# Create config directory
mkdir -p ~/.openclaw

# Write config with remote access enabled
cat > ~/.openclaw/openclaw.json << EOF
{
  "gateway": {
    "trustedProxies": ["127.0.0.1", "::1"],
    "controlUi": {
      "enabled": true,
      "allowInsecureAuth": true,
      "dangerouslyDisableDeviceAuth": true,
      "allowedOrigins": ["https://your-domain.com"]
    },
    "auth": {
      "mode": "token",
      "token": "$GATEWAY_TOKEN"
    }
  }
}
EOF
5

Configure your AI provider

Add your API key for OpenRouter, Anthropic, or another provider.

# Add to ~/.bashrc or ~/.profile
export OPENROUTER_API_KEY="sk-or-v1-your-key"

# Or for Anthropic directly:
export ANTHROPIC_API_KEY="sk-ant-your-key"
6

Create a systemd service

Run OpenClaw as a background service that starts on boot and restarts on crash.

sudo cat > /etc/systemd/system/openclaw.service << 'EOF'
[Unit]
Description=OpenClaw Gateway
After=network.target

[Service]
Type=simple
User=admin
ExecStart=/usr/local/bin/openclaw gateway run
Restart=on-failure
RestartSec=5
Environment=NODE_ENV=production

[Install]
WantedBy=multi-user.target
EOF

sudo systemctl daemon-reload
sudo systemctl enable openclaw
sudo systemctl start openclaw
7

Set up HTTPS with Caddy

Install Caddy as a reverse proxy. It handles SSL certificates automatically.

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update && sudo apt install caddy
8

Access the dashboard

Open the tokenized URL in your browser.

https://your-domain.com/#token=<your-gateway-token>

Useful commands:

# View logs
journalctl -u openclaw -f

# Restart
sudo systemctl restart openclaw

# Update OpenClaw
pnpm add -g openclaw@latest
sudo systemctl restart openclaw

# Check status
sudo systemctl status openclaw

Note: You are responsible for server maintenance, security updates, backups, and monitoring. OpenClaw updates require manual package upgrades and service restarts.

Rather skip all this?

Launch a fully managed Hermes or OpenClaw agent in about 30 seconds — no Docker, no Caddy, no config files.

View plans