PentestAgent Podman Quadlet Stack

This workspace provides a rootless Podman Quadlet setup with:

  • Shared bridge network: pentestagent-net
  • Pod: pentestagent
  • Containers in same pod/network namespace:
    • ollama (ollama/ollama:rocm)
    • litellm (ghcr.io/berriai/litellm:main-stable)
    • pentestagent (ghcr.io/gh05tcrew/pentestagent:latest)
    • pentestagent-kali (ghcr.io/gh05tcrew/pentestagent:kali) (optional)

1) Install files

Run on the Linux host where Podman + systemd user services run:

mkdir -p ~/.config/containers/systemd
mkdir -p ~/.config/pentestagent
mkdir -p ~/.local/share/pentestagent/{ollama,loot,workspace}

cp quadlet/*.network ~/.config/containers/systemd/
cp quadlet/*.pod ~/.config/containers/systemd/
cp quadlet/*.container ~/.config/containers/systemd/
cp config/litellm-config.yaml ~/.config/pentestagent/litellm-config.yaml
cp config/pentestagent.env.example ~/.config/pentestagent/pentestagent.env

2) Edit environment

Edit ~/.config/pentestagent/pentestagent.env and set at least:

  • PENTESTAGENT_MODEL=ollama/llama3.1 (or another local model)
  • Optional API keys for non-local providers

If you set LITELLM_MASTER_KEY, clients calling LiteLLM must include it.

3) Start with systemd user units

systemctl --user daemon-reload
systemctl --user enable --now pentestagent-network.service
systemctl --user enable --now pentestagent-pod.service
systemctl --user enable --now ollama.service
systemctl --user enable --now litellm.service

# Choose one runtime container (standard OR kali)
systemctl --user enable --now pentestagent.service
# systemctl --user enable --now pentestagent-kali.service

Check status/logs:

systemctl --user status ollama litellm pentestagent
journalctl --user -u ollama -u litellm -u pentestagent -f

4) Use services

  • LiteLLM endpoint: http://127.0.0.1:4000
  • Ollama endpoint: http://127.0.0.1:11434

Launch the TUI inside the running standard container:

podman exec -it pentestagent pentestagent

Launch the TUI inside the Kali container (if enabled):

podman exec -it pentestagent-kali pentestagent

Or run with explicit model routing through LiteLLM:

podman exec -it pentestagent env PENTESTAGENT_MODEL=ollama/llama3.1 pentestagent

Notes

  • ollama/ollama:rocm requires AMD ROCm-compatible host/device support.
  • If ROCm devices are unavailable, replace the image with ollama/ollama:latest and remove AddDevice lines in quadlet/ollama.container.
  • Run either pentestagent.service or pentestagent-kali.service to avoid duplicate idle runtime containers.
S
Description
No description provided
Readme 58 KiB
Languages
Shell 100%