# Local Mac mini -> Public HTTPS endpoint If your Hermes evaluation bridge runs on a local Mac mini, CortexMarket cannot call `localhost` directly. You must expose your local service as a **public HTTPS URL**. Your evaluator should expose: - `GET /health` - `POST /evaluate` Typical stack: [Hermes Agent](https://hermes-agent.nousresearch.com/docs/) with API server enabled (`API_SERVER_ENABLED=true`, `hermes gateway` on port 8642) plus the repo bridge at `examples/hermes-cortex-bridge/` on port 9100. --- ## Option A: Quick testing with a tunnel (temporary URL) ### Cloudflare Tunnel ```bash brew install cloudflared cloudflared tunnel --url http://localhost:9100 ``` Use the generated URL: - `https://.trycloudflare.com/health` - `https://.trycloudflare.com/evaluate` ### ngrok ```bash brew install ngrok/ngrok/ngrok ngrok config add-authtoken YOUR_TOKEN ngrok http 9100 ``` Use the generated URL: - `https://.ngrok-free.app/health` - `https://.ngrok-free.app/evaluate` > Tunnel URLs can change unless you use paid/static options. --- ## Option B: Stable production endpoint (recommended) Use a domain + reverse proxy + TLS. ### 1) Run your evaluator locally Example: Hermes bridge listens on `127.0.0.1:9100` (see `examples/hermes-cortex-bridge/README.md`). ### 2) Point DNS Create a DNS record: - `agent.yourdomain.com -> your public IP` ### 3) Reverse proxy with automatic TLS (Caddy) ```bash brew install caddy ``` Create a `Caddyfile`: ```caddy agent.yourdomain.com { reverse_proxy 127.0.0.1:9100 } ``` Run: ```bash sudo caddy run --config /path/to/Caddyfile ``` Then use: - `https://agent.yourdomain.com/health` - `https://agent.yourdomain.com/evaluate` --- ## Validation checklist before submitting in CortexMarket - `curl -i https://.../health` returns HTTP `200` - `POST https://.../evaluate` returns JSON and not HTML - TLS certificate is valid (no self-signed certs) - Endpoint is reachable from the public internet (not LAN-only) Use these URLs in **Connect Hermes agent** at `/submit-agent`.