A commons, public goods project of NimbleCo.
Multiplayer admin and orchestrator platform for Hermes. Deploy, manage, and monitor multiple Hermes Agent instances from one dashboard β with built-in multi-tenant security, model cascades, and platform connections.
First of its kind, a point and click GUI for not just managing Hermes runtimes, but also who can do what and where. Solves the multi-tenant Hermes problem. View the godhead of complexity without derealizing. Share compute.
*Calm UX showing a variety of config settings for different hermes harness runtimes*
AI agents are most useful when they're always on β running on a server, reachable from your phone, remembering context across conversations. But running multiple agents across multiple platforms for multiple users? That's where it gets hard.
Hermes Swarm Map is the control plane. One UI to deploy, configure, and manage a fleet of Hermes agents β each with its own personality, memory, platform connections, and budget. Everything a single agent can do, but multiplied and multiplayer.
The indie hacker runs 3 agents: a customer support bot on Telegram, a research assistant on Signal, and a coding helper via API. Each has its own model cascade (Claude for complex tasks, Gemini Flash for quick ones), its own budget cap, and its own personality. HSM manages all three from one dashboard.
The small team gives each team member their own AI assistant on Mattermost. Memory is scoped per-channel β what the engineering channel discusses stays there. The team lead manages API keys, monitors costs, and approves new group connections from HSM.
The AI researcher runs 8 specialized agents across Signal and Telegram for different research domains. HSM handles group approval policies, model fallback chains, and cost tracking across the fleet. New agents deploy in minutes via the wizard.
π§ Setup Wizard β Deploy a new agent in 5 clicks. Opinionated defaults for compression, memory, security, and voice transcription so it works out of the box.
π Model Cascade β Ordered fallback chains across providers. Start with Claude, fall back to Gemini, fall back to local Ollama. Per-agent.
π Multi-Tenant Security β Per-context memory isolation, group approval policies, admin-only commands, encrypted API keys. Each conversation thread is a walled garden.
π Fleet Dashboard β See all your agents at a glance. Health, costs, session counts, model usage. Stop, restart, or rebuild any container from the UI.
π Platform Connections β Connect agents to Signal, Telegram, Mattermost, or expose them via API. Manage surfaces from the UI.
π° Budget Enforcement β Set monthly spend limits per API key. Agents self-throttle when budget is exceeded.
git clone https://github.com/NimbleCoAI/hermes-swarm-map.git
cd hermes-swarm-map
pnpm install
pnpm seed # first run: writes settings + tier config
pnpm dev # http://localhost:3000On first launch, the setup wizard detects your Hermes compose directories automatically. Point it at your agent directory and go.
New here? Read the Getting Started guide for a full walkthrough.
- Node.js 18+
- Docker running locally (used for container management)
- Hermes Agent instances β see NousResearch/hermes-agent
- Discovery β auto-detect Hermes agent containers and compose files
- Per-agent configuration β edit env vars, SOUL.md personas, surface connections
- Model cascade β ordered fallback chains across providers (Anthropic, OpenAI, Bedrock, etc.)
- Surface management β connect agents to Telegram, Signal, Mattermost
- Restart / rebuild / purge β container lifecycle via UI or API
- Policy enforcement β group access control, DM approval gating, admin resolution
- Agent creation wizard β scaffold and deploy new agents from the UI
- API key management β AES-256-GCM encrypted at rest
- Audit log β track who changed what and when
Build once, run in production mode:
pnpm build
npx next start --port 3000 --hostname 0.0.0.0Access from any machine on the network at http://<hostname>:3000. Run behind nginx or Tailscale for HTTPS or external access.
Set ALLOWED_DEV_ORIGINS in .env for dev mode on remote machines (see Configuration).
- Next.js 16 (App Router) + TypeScript
- Tailwind CSS v4 + shadcn/ui + Lucide Icons
- Docker CLI (via shell) for container management
- Vitest for testing
- AES-256-GCM key encryption at rest
- File-based agent config at
~/.hermes-swarm-map/
HSM assumes a reasonably trusted team β all users with access to the dashboard can manage all agents, keys, and configuration. There is no per-user role separation or access scoping within a deployment.
What's protected:
- API keys are encrypted at rest (AES-256-GCM) with a machine-local key
- Audit log tracks who changed what
- Per-agent memory scoping isolates conversation contexts
- Group approval policies gate which platforms agents can join
What's not scoped:
- Dashboard access is all-or-nothing β anyone who can reach the UI can manage the fleet
- Skills, tools, and agent configurations are shared across all operators
- The underlying Hermes agent harnesses remain vulnerable to prompt injection from malicious external content (messages, ingested documents), the same as any LLM-based system
In practice: run HSM on a private network or behind authentication (Tailscale, nginx basic auth, etc.) and limit access to people you trust with your API keys and agent configurations.
Any AI agent (Claude Code, Hermes, etc.) can orchestrate your fleet via the REST API β no GUI needed.
| Method | Path | Description |
|---|---|---|
GET |
/api/harnesses |
List all harnesses with live Docker state |
GET |
/api/harnesses/:id |
Single harness detail |
POST |
/api/harnesses/:id/restart |
Restart ({ mode: 'quick'|'rebuild'|'purge' }) |
POST |
/api/harnesses/:id/stop |
Stop |
POST |
/api/harnesses/:id/start |
Start |
POST |
/api/harnesses/restart-running |
Bulk quick-restart all running |
GET |
/api/harnesses/:id/logs |
Container logs (?lines=100) |
GET |
/api/harnesses/:id/models |
Model cascade config |
PUT |
/api/harnesses/:id/models |
Update cascade ({ cascade: [...] }) |
POST |
/api/harnesses/:id/duplicate |
Clone harness config ({ name }) |
POST |
/api/harnesses/:id/artifacts/sync |
Install missing manifest artifacts onto an existing agent, no-clobber ({ dryRun?, force? }) |
POST |
/api/setup/deploy |
Deploy new agent (full wizard payload) |
POST |
/api/setup/detect |
Scan for Hermes compose directories |
GET |
/api/keys |
List keys (masked, from agent .env files) |
GET |
/api/tools |
Tool registry (from agent configs) |
GET |
/api/memory-scopes |
Memory scopes per agent |
GET |
/api/audit |
Audit log (?who=&what=&since=) |
GET/PUT |
/api/settings |
App settings |
# Examples
curl http://localhost:3000/api/harnesses
curl -X POST http://localhost:3000/api/harnesses/h_myagent/restart \
-H "Content-Type: application/json" -d '{"mode":"quick"}'
curl http://localhost:3000/api/harnesses/h_myagent/logs?lines=50Copy .env.example to .env and set:
| Variable | Default | Description |
|---|---|---|
HERMES_DIR |
β | Path to your existing Hermes docker-compose files |
DATA_DIR |
~/.hermes-swarm-map |
Config, keys, audit logs, standalone compose files |
PORT |
3000 |
Port for the Swarm Map UI |
ALLOWED_DEV_ORIGINS |
β | Comma-separated hostnames for remote dev access |
Settings are stored at ~/.hermes-swarm-map/settings.json. API keys are encrypted at rest with a machine-local key at ~/.hermes-swarm-map/.key.
- Getting Started β deploy your first agent in 5 minutes
- Migrating Existing Agents β upgrade path for existing Hermes users
- Platform Setup β Signal, Telegram, Mattermost, Google Workspace guides
- Image vs HSM Boundary β what belongs in the Docker image vs HSM scaffolding
- Roadmap β what's shipped and what's next
- Contributing β development setup and PR process
- Architecture β service layer, patterns, and agentic development guide
AGPL v3. You can use, modify, and deploy this software freely. If you modify it and expose it over a network (e.g., as a hosted service), you must make your modified source code available under the same license. Self-hosting for your own agents requires no source disclosure.