Single Machine / VM
Artemis ships as a set of Docker Compose files managed by the ./artemis CLI (works with both docker compose and podman compose).
Review the prerequisites before starting.
1. Runtime
Install one of:
2. Latest artifacts
Loading latest release…Credentials for the file server and image registry are provided separately by TurinTech.
3. Transfer images to an internal registry
Air-gapped and locked-down deployments pull every container image from your own registry instead of from TurinTech's. The transfer.sh helper reads the same Container images list shown under latest artifacts, then copies all required images into the target registry under a turintech/ namespace, so you don't have to enumerate or tag images by hand.
Run it from a host that can reach both the source images and your internal registry (for fully air-gapped sites, this is typically a connected "jump" host or a DMZ mirror):
curl -fsSL https://turintech.github.io/artemis-deployment/transfer.sh | bash -s -- --target myregistry.internal:5000 --type docker
The script verifies access to both registries (prompting you to log in with your TurinTech credentials if needed), prints the full source → target transfer plan for confirmation, then copies each image.
Options
| Flag | Description |
|---|---|
-t, --target | Target registry, e.g. myregistry.internal:5000 (required) |
-T, --type | Image set to transfer: docker or kubernetes (required) |
-m, --method | Transfer method: crane (default) or docker |
-y, --yes | Skip all confirmation prompts; fails if not already logged in |
-h, --help | Show usage |
Transfer methods
crane(default): copies images registry-to-registry without storing them locally, so no large local disk or running Docker daemon is required.craneis downloaded automatically if it isn't already onPATH.docker: usesdocker pull/tag/push. Requires a running Docker daemon but no extra tooling.
Non-interactive (CI / scripted)
Log in to both registries first, then pass --yes to skip the prompts:
curl -fsSL https://turintech.github.io/artemis-deployment/transfer.sh | bash -s -- --target myregistry.internal:5000 --type docker --method docker --yes
After the transfer
Point the deployment at your registry by setting the following in .env.custom, then run ./artemis deploy:
REGISTRY=myregistry.internal:5000
SERVICES_REGISTRY=myregistry.internal:5000/turintech
4. Installation
Automated (recommended)
Run the installer with the credentials provided by TurinTech. It logs in to the container registry, downloads the deployment package, deploys all services, and creates the default admin user in one step:
curl -fsSL https://turintech.github.io/artemis-deployment/install.sh | bash -s -- --username <file-server-user> --password <file-server-password> --registry-username <registry-user> --registry-password <registry-password>
TurinTech provides all four credentials. The installer creates an artemis-<version>/ folder in the current directory. When it finishes, Artemis is running and the admin credentials are printed to the terminal.
Before using Artemis, add your LLM provider credentials to artemis-<version>/.env.custom and run ./artemis deploy to apply them. See Configuration for the available options.
Pass --skip-deploy if you want to review or edit .env.custom before the first deployment:
curl -fsSL https://turintech.github.io/artemis-deployment/install.sh | bash -s -- --username <file-server-user> --password <file-server-password> --registry-username <registry-user> --registry-password <registry-password> --skip-deploy
Then edit artemis-<version>/.env.custom and run ./artemis deploy && ./artemis create-users manually.
Manual
The flow is the same for online and air-gapped deployments. Steps marked Air-gapped only apply when the host has no internet access; skip them otherwise.
-
Provision a VM matching the hardware requirements.
-
Air-gapped only: transfer every image listed under container images into your internal registry. See Transfer images to an internal registry.
-
Authenticate with the image registry:
- Online:
docker login <registry> --username <registry-user> --password <registry-password> - Air-gapped:
docker login your.internal.registry:5000
- Online:
-
Download the deployment package and extract it (uses the credentials provided by TurinTech):
Loading latest release…Then move into the extracted folder:
cd artemis-…. -
Air-gapped only: edit
.env.customto point at your internal registry (this matches the values printed by the transfer script):REGISTRY=your.internal.registry:portSERVICES_REGISTRY=your.internal.registry:port/turintech -
Deploy Artemis:
./artemis deploy -
Create the admin user:
./artemis create-users -
Open Artemis at
http://<machine-ip>:80.
Run ./artemis info from the deployment folder to view the admin credentials you need to log in.
5. CLI reference
All operations are done with the ./artemis script from inside the deployment folder.
| Command | Description |
|---|---|
./artemis | List all available commands |
./artemis info | Show VM details and admin credentials |
./artemis images | List the images used by the deployment |
./artemis deploy | Deploy or update all services |
./artemis deploy <service> | Deploy a single service |
./artemis status | Show health status of all containers |
./artemis logs | Follow logs for all services |
./artemis logs <service> | Follow logs for a specific service |
./artemis restart | Restart all containers |
./artemis down | Stop all containers |
./artemis destroy | Remove containers and volumes |
./artemis update | Check for a new version and update |
6. Configuration
All customisation goes into .env.custom in the deployment folder. This file is never overwritten by updates or re-installs, so your changes persist across versions.
Do not edit the base .env file; it is reset on every update. Always use .env.custom.
LLM providers
Add the keys for the providers you use to .env.custom. Only configure the blocks for the providers you actually use.
Bedrock
ARTEMIS_BEDROCK_REGION=eu-central-1
ARTEMIS_BEDROCK_API_KEY=<value>
ARTEMIS_BEDROCK_ANTHROPIC_REGION=<value>
Vertex
Option A: private key.
ARTEMIS_VERTEX_PRIVATE_KEY=<value>
ARTEMIS_VERTEX_PROJECT=<value>
ARTEMIS_VERTEX_EMAIL=<value>
Option B: service account file. Drop vertex-key.json into ./keys/ and point the variable at the in-container path.
ARTEMIS_VERTEX_SERVICE_ACCOUNT_PATH=/tmp/files/vertex-key.json
OpenAI / Azure Foundry
ARTEMIS_OPENAI_TYPE selects the provider. It defaults to openai; set it to azure for Azure Foundry.
Official OpenAI
ARTEMIS_OPENAI_KEY=<value>
Azure Foundry (OpenAI models)
ARTEMIS_OPENAI_TYPE=azure
ARTEMIS_OPENAI_URL=<value>
ARTEMIS_OPENAI_KEY=<value>
Azure Foundry (Claude models)
ARTEMIS_AZURE_AI_URL=<value>
ARTEMIS_AZURE_AI_KEY=<value>
Optional: OpenAI behind an SSL-inspecting proxy
Drop your CA certificate into ./keys/openai.ca and set:
ARTEMIS_OPENAI_NO_SSL_VERIFY=true
ARTEMIS_OPENAI_SSL_CERT=/tmp/keys/openai.ca
Anthropic
ARTEMIS_ANTHROPIC_KEY=<value>
Cohere
ARTEMIS_COHERE_KEY=<value>
Deepseek
ARTEMIS_DEEPSEEK_KEY=<value>
7. Update
Automated
Run from inside the current deployment folder. The script checks for a newer version, prompts for confirmation, downloads it, and re-deploys your .env.custom and keys/ are carried over automatically:
./artemis update
Manual
-
Download the new deployment package and extract it:
Loading latest release… -
Air-gapped: ensure the new container images are in your internal registry. Re-run the transfer script to copy the new release's images across.
-
Move into the new folder and deploy:
cd artemis-… && ./artemis deploy -
Open Artemis at
http://<machine-ip>:80.
Run ./artemis info from the deployment folder to view the admin credentials.
Check the release notes for any new environment variables, and add them to .env.custom if needed.