Free knowledge sharing on all things Agentic AI

How to Sandbox Hermes with Multipass?

An honest Ubuntu VM, no container layer. Run Hermes inside Canonical’s Multipass on macOS Sonoma with one shared folder.

Setup time ~30 minutes
Disk budget ~15 GB (cap at 20 GB)
One-time cost Free
Going cost Free (GPL-3)

Ingredients

Multipass is the answer when you do not want containers at all. You get a full Ubuntu LTS install, with its own kernel, its own systemd, its own networking — an environment that looks and behaves exactly like a small cloud server. That makes it easy to port the same recipe to a VPS later, and easy to use apt, systemctl, and friends without any of the awkwardness of running them inside a container.

1 Install Multipass

brew install --cask multipass

Verify: 

multipass version

2 Launch a capped VM

multipass launch 24.04 \
    --name hermes \
    --cpus 4 \
    --memory 4G \
    --disk 20G

The first launch downloads the Ubuntu 24.04 cloud image (~600 MB) and boots the VM. After that, starting and stopping is fast.

3 Mount the one shared folder

mkdir -p ~/hermes-workspace

multipass mount ~/hermes-workspace hermes:/workspace

The mount uses SSHFS under the hood. It survives across multipass stop / multipass start — you do not need to remount each time.

Confirm the seam: 

multipass exec hermes -- bash -c 'ls -la /workspace && touch /workspace/hi.txt'
ls -la ~/hermes-workspace/hi.txt

4 Drop into the VM

multipass shell hermes

From here on, everything you install lives inside the VM.

5 Install your own Python with pyenv

sudo apt update
sudo apt install -y build-essential curl git \
    libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev \
    libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev \
    libffi-dev liblzma-dev

curl https://pyenv.run | bash

Add the pyenv stanza to ~/.bashrc: 

export PYENV_ROOT="$HOME/.pyenv"
[[ -d $PYENV_ROOT/bin ]] && export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
exec bash
pyenv install 3.12.7
pyenv global 3.12.7

6 Install your own Node with fnm

curl -fsSL https://fnm.vercel.app/install | bash
exec bash

fnm install 22
fnm default 22

7 Install Hermes and point it at /workspace

cd ~
git clone https://github.com/NousResearch/hermes-agent.git
cd hermes-agent

python -m venv .venv
source .venv/bin/activate
pip install -e .

export HERMES_WORKSPACE=/workspace
echo 'export HERMES_WORKSPACE=/workspace' >> ~/.bashrc

hermes run --workspace /workspace

Day-to-day commands

# stop the VM (RAM released, disk preserved)
multipass stop hermes

# start it again
multipass start hermes

# unmount and remount the workspace
multipass umount hermes:/workspace
multipass mount ~/hermes-workspace hermes:/workspace

# wipe the whole VM (workspace folder untouched)
multipass delete hermes
multipass purge
SSHFS quirk: Multipass mounts use SSHFS, which is convenient but slower than VirtioFS for large numbers of small files. If Hermes is going to read and write thousands of tiny files in /workspace, consider OrbStack or Colima instead. For a few dozen large files a day, SSHFS is perfectly fine.

What you end up with

A genuine Ubuntu 24.04 LTS VM on your Mac, capped at 4 CPUs / 4 GB RAM / 20 GB disk, with one SSHFS-mounted folder as its only window onto the host. Inside it: your own Python, your own Node, your own Hermes, and everything you would expect from a small Linux server.

Back to the main recipe

← How to Run Hermes in a macOS Sandbox?

Further reading