# Hermes Agent Environment Configuration
# Copy this file to .env and fill in your API keys

# =============================================================================
# CORE SETTINGS
# =============================================================================

# Agent backend:
# - openai  : default Hermes-Agent loop (OpenAI function-calling via OpenAI SDK)
# - atropos : Atroposlib ServerManager/ManagedServer-backed loop (training/env integration)
HERMES_BACKEND=openai

# =============================================================================
# ATROPOS SERVER SETTINGS (hosted or local OpenAI-compatible endpoint)
# =============================================================================
# For local development (matches the Atropos test env defaults):
# ATROPOS_SERVER_BASE_URL=http://127.0.0.1:8080
# ATROPOS_SERVER_MODEL=hermes-4-36b

# For hosted inference (Nous Research inference API):
ATROPOS_SERVER_BASE_URL=
ATROPOS_SERVER_MODEL=
ATROPOS_TOKENIZER_NAME=

# Set this to your Nous API key (Bearer token).
ATROPOS_SERVER_API_KEY=

# Debugging (prints to stdout; use with care)
# HERMES_DEBUG_ATROPOS_REQUEST=1
# HERMES_DEBUG_ATROPOS_RESPONSE=1
# HERMES_DEBUG_OPENAI_REQUEST=1
# HERMES_DEBUG_OPENAI_RESPONSE=1

# =============================================================================
# LOCAL / SELF-HOSTED OPENAI-COMPATIBLE ENDPOINTS (vLLM, SGLang, llama.cpp, etc.)
# =============================================================================
# If you set ATROPOS_SERVER_BASE_URL or OPENAI_BASE_URL, Hermes will use it instead
# of OpenRouter.
#
# Local server convenience (base URL without /v1):
# llama.cpp example (see `Hermes-Agent/scripts/launch_llama_cpp_hermes_4_36b.sh`):
# ATROPOS_SERVER_BASE_URL=http://127.0.0.1:8080
# ATROPOS_SERVER_MODEL=hermes-4-36b
# ATROPOS_TOKENIZER_NAME=NousResearch/Hermes-4.3-36B
# ATROPOS_SERVER_API_KEY=local
#
# Hosted Nous inference API:
# ATROPOS_SERVER_BASE_URL=https://inference-api.nousresearch.com
# ATROPOS_SERVER_MODEL=Hermes-4.3-36B
# ATROPOS_TOKENIZER_NAME=NousResearch/Hermes-4.3-36B
# ATROPOS_SERVER_API_KEY=sk-... (Bearer token)
#
# If you plan to run GRPO-style group sampling (e.g. `--env.group_size 4`) against
# llama.cpp, start the server with at least that many slots, e.g.:
# LLAMA_CPP_PARALLEL=4 Hermes-Agent/scripts/launch_llama_cpp_hermes_4_36b.sh
#
# Generic OpenAI-compatible (base URL should include /v1):
# OPENAI_BASE_URL=http://127.0.0.1:8080/v1
# OPENAI_API_KEY=local

# =============================================================================
# LLM PROVIDER (OpenRouter)
# =============================================================================
# OpenRouter provides access to many models through one API
# All LLM calls go through OpenRouter - no direct provider keys needed
# Get your key at: https://openrouter.ai/keys
OPENROUTER_BASE_URL=https://openrouter.ai/api/v1
OPENROUTER_API_KEY=

# Default model to use (OpenRouter format: provider/model)
# Examples: anthropic/claude-opus-4.6, openai/gpt-4o, google/gemini-2.0-flash, zhipuai/glm-4-plus
LLM_MODEL=anthropic/claude-opus-4.6

# =============================================================================
# TOOL API KEYS
# =============================================================================

# Firecrawl API Key - Web search, extract, and crawl
# Get at: https://firecrawl.dev/
FIRECRAWL_API_KEY=

# Nous Research API Key - Vision analysis and multi-model reasoning
# Get at: https://inference-api.nousresearch.com/
NOUS_API_KEY=

# FAL.ai API Key - Image generation
# Get at: https://fal.ai/
FAL_KEY=

# =============================================================================
# TERMINAL TOOL CONFIGURATION (mini-swe-agent backend)
# =============================================================================

# Backend type: "local", "singularity", "docker", "modal", or "ssh"
# - local: Runs directly on your machine (fastest, no isolation)
# - ssh: Runs on remote server via SSH (great for sandboxing - agent can't touch its own code)
# - singularity: Runs in Apptainer/Singularity containers (HPC clusters, no root needed)
# - docker: Runs in Docker containers (isolated, requires Docker + docker group)
# - modal: Runs in Modal cloud sandboxes (scalable, requires Modal account)
TERMINAL_ENV=local

# Container images (for singularity/docker/modal backends)
TERMINAL_DOCKER_IMAGE=python:3.11
TERMINAL_SINGULARITY_IMAGE=docker://python:3.11
TERMINAL_MODAL_IMAGE=python:3.11

# Working directory for terminal commands
# For CLI: "." means current directory (resolved automatically from config.yaml)
# For containers (docker/singularity/modal): absolute path inside the container
# Usually managed by config.yaml (terminal.cwd) — uncomment to override
# TERMINAL_CWD=.

# Default command timeout in seconds
TERMINAL_TIMEOUT=60

# Cleanup inactive environments after this many seconds
TERMINAL_LIFETIME_SECONDS=300

# =============================================================================
# SSH REMOTE EXECUTION (for TERMINAL_ENV=ssh)
# =============================================================================
# Run terminal commands on a remote server via SSH.
# Agent code stays on your machine, commands execute remotely.
#
# SECURITY BENEFITS:
# - Agent cannot read your .env file (API keys protected)
# - Agent cannot modify its own code
# - Remote server acts as isolated sandbox
# - Can safely configure passwordless sudo on remote
#
# TERMINAL_SSH_HOST=192.168.1.100
# TERMINAL_SSH_USER=agent
# TERMINAL_SSH_PORT=22
# TERMINAL_SSH_KEY=~/.ssh/id_rsa

# =============================================================================
# SUDO SUPPORT (works with ALL terminal backends)
# =============================================================================
# If set, enables sudo commands by piping password via `sudo -S`.
# Works with: local, docker, singularity, modal, and ssh backends.
#
# SECURITY WARNING: Password stored in plaintext. Only use on trusted machines.
#
# ALTERNATIVES:
# - For SSH backend: Configure passwordless sudo on the remote server
# - For containers: Run as root inside the container (no sudo needed)
# - For local: Configure /etc/sudoers for specific commands
# - For CLI: Leave unset - you'll be prompted interactively with 45s timeout
#
# SUDO_PASSWORD=your_password_here

# =============================================================================
# MODAL CLOUD BACKEND (for TERMINAL_ENV=modal)
# =============================================================================
# Modal provides cloud sandboxes with per-second billing and auto-scaling.
# This implementation uses a warm pool of sandboxes for cost efficiency.
#
# SETUP:
#   pip install modal && modal setup
#   (Authenticates via browser, stores credentials locally)
#
# FEATURES:
# - Auto-scaling warm sandbox pool (no cold start after first use)
# - Named sandbox recovery (reconnects after restart)
# - Profile-based heterogeneous environments (CPU, GPU, different images)
# - Server-side idle_timeout protection against orphaned sandboxes

# Modal app name (groups all sandboxes, used for recovery)
TERMINAL_MODAL_APP_NAME=hermes-sandbox

# Default profile when none specified
TERMINAL_MODAL_DEFAULT_PROFILE=default

# Profile config file (optional - YAML format, see modal_profiles.yaml)
# TERMINAL_MODAL_PROFILES_FILE=modal_profiles.yaml

# --- Default Profile Settings (used if no YAML file) ---
# These apply when no profile is specified or for the "default" profile
# NOTE: TERMINAL_MODAL_IMAGE duplicates the key set in the container-images
# group above (same value today); the last assignment in the file wins.
TERMINAL_MODAL_IMAGE=python:3.11
TERMINAL_MODAL_MIN_POOL=1
TERMINAL_MODAL_MAX_POOL=5
TERMINAL_MODAL_IDLE_TIMEOUT=120
TERMINAL_MODAL_MAX_LIFETIME=3600
TERMINAL_MODAL_SCALE_DOWN_IDLE=180

# --- Custom Profile Example: pytorch-gpu ---
# Uncomment to enable a GPU profile for ML tasks
# Usage: terminal_tool("python train.py", profile="pytorch-gpu")
#
# TERMINAL_MODAL_PROFILE_pytorch_gpu_IMAGE=pytorch/pytorch:2.1.0-cuda12.1-cudnn8-runtime
# TERMINAL_MODAL_PROFILE_pytorch_gpu_GPU=T4
# TERMINAL_MODAL_PROFILE_pytorch_gpu_MEMORY=16384
# TERMINAL_MODAL_PROFILE_pytorch_gpu_MIN_POOL=0
# TERMINAL_MODAL_PROFILE_pytorch_gpu_MAX_POOL=2
# TERMINAL_MODAL_PROFILE_pytorch_gpu_IDLE_TIMEOUT=60

# --- Custom Profile Example: node ---
# Uncomment to enable a Node.js profile
# Usage: terminal_tool("npm test", profile="node")
#
# TERMINAL_MODAL_PROFILE_node_IMAGE=node:18
# TERMINAL_MODAL_PROFILE_node_MIN_POOL=0
# TERMINAL_MODAL_PROFILE_node_MAX_POOL=3

# =============================================================================
# MODAL SECRETS (Secure credential injection)
# =============================================================================
# Modal Secrets allow you to securely pass API
# keys, passwords, and other
# sensitive data to your sandboxes without exposing them in code or logs.
#
# SETUP SECRETS:
# 1. Via Dashboard: https://modal.com/secrets
# 2. Via CLI: modal secret create my-secret KEY1=value1 KEY2=value2
# 3. Via CLI with env: modal secret create my-secret API_KEY="$API_KEY"
#
# LIST SECRETS:
#   modal secret list
#
# DELETE SECRETS:
#   modal secret delete my-secret

# Global secrets applied to ALL profiles (comma-separated secret names)
# These secrets must be created on Modal dashboard or via CLI first
# TERMINAL_MODAL_SECRETS=my-api-keys,database-creds

# Per-profile secrets (comma-separated secret names)
# TERMINAL_MODAL_PROFILE_pytorch_gpu_SECRETS=huggingface-token,wandb-key

# Per-profile environment variables (semicolon-separated KEY=VALUE pairs)
# TERMINAL_MODAL_PROFILE_default_ENV_VARS=DEBUG=1;LOG_LEVEL=info

# Load local .env file into sandbox (useful for development)
# TERMINAL_MODAL_PROFILE_default_USE_DOTENV=true

# =============================================================================
# BROWSER TOOL CONFIGURATION (agent-browser + Browserbase)
# =============================================================================
# Browser automation requires Browserbase cloud service for remote browser execution.
# This allows the agent to navigate websites, fill forms, and extract information.
#
# STEALTH MODES:
# - Basic Stealth: ALWAYS active (random fingerprints, auto CAPTCHA solving)
# - Advanced Stealth: Requires BROWSERBASE_ADVANCED_STEALTH=true (Scale Plan only)

# Browserbase API Key - Cloud browser execution
# Get at: https://browserbase.com/
BROWSERBASE_API_KEY=

# Browserbase Project ID - From your Browserbase dashboard
BROWSERBASE_PROJECT_ID=

# Enable residential proxies for better CAPTCHA solving (default: true)
# Routes traffic through residential IPs, significantly improves success rate
BROWSERBASE_PROXIES=true

# Enable advanced stealth mode (default: false, requires Scale Plan)
# Uses custom Chromium build to avoid bot detection altogether
BROWSERBASE_ADVANCED_STEALTH=false

# Browser session timeout in seconds (default: 300)
# Sessions are cleaned up after this duration of inactivity
BROWSER_SESSION_TIMEOUT=300

# Browser inactivity timeout - auto-cleanup inactive sessions (default: 120 = 2 min)
# Browser sessions are automatically closed after this period of no activity
BROWSER_INACTIVITY_TIMEOUT=120

# =============================================================================
# SESSION LOGGING
# =============================================================================
# Session trajectories are automatically saved to logs/ directory
# Format: logs/session_YYYYMMDD_HHMMSS_UUID.json
# Contains full conversation history in trajectory format for debugging/replay

# =============================================================================
# LEGACY/OPTIONAL API KEYS
# =============================================================================

# Morph API Key - For legacy Hecate terminal backend (terminal-hecate tool)
# Get at: https://morph.so/
MORPH_API_KEY=

# Hecate VM Settings (only if using terminal-hecate tool)
HECATE_VM_LIFETIME_SECONDS=300
HECATE_DEFAULT_SNAPSHOT_ID=snapshot_p5294qxt

# =============================================================================
# DEBUG OPTIONS
# =============================================================================
WEB_TOOLS_DEBUG=false
VISION_TOOLS_DEBUG=false
MOA_TOOLS_DEBUG=false
IMAGE_TOOLS_DEBUG=false

# =============================================================================
# CONTEXT COMPRESSION (Auto-shrinks long conversations)
# =============================================================================
# When conversation approaches model's context limit, middle turns are
# automatically summarized to free up space.
#
# CONTEXT_COMPRESSION_ENABLED=true          # Enable auto-compression (default: true)
# CONTEXT_COMPRESSION_THRESHOLD=0.85        # Compress at 85% of context limit
# CONTEXT_COMPRESSION_MODEL=google/gemini-2.0-flash-001  # Fast model for summaries

# =============================================================================
# RL TRAINING (Tinker + Atropos)
# =============================================================================
# Run reinforcement learning training on language models using the Tinker API.
# Requires the rl-server to be running (from tinker-atropos package).

# Tinker API Key - RL training service
# Get at: https://tinker-console.thinkingmachines.ai/keys
TINKER_API_KEY=

# Weights & Biases API Key - Experiment tracking and metrics
# Get at: https://wandb.ai/authorize
WANDB_API_KEY=

# RL API Server URL (default: http://localhost:8080)
# Change if running the rl-server on a different host/port
# RL_API_URL=http://localhost:8080