andrew pikul

Newest Post:

March 10, 2020- Healthy Environments for Creative Performance

Some stress is healthy and realistic. Some stress has a negative impact on productivity. Let's see some examples ... read more

August 19, 2019- Why Senior Engineers Should Write Docs

Why do so many engineering organizations do documentation so poorly? We have great software ecosystems, but we rarely publish a first draft. Maybe its difficult to see business value, but its there! And more ... read more

August 10, 2019- Creatively Managing Engineers

Programming is relentlessly structured by business value: it's always about the MVP with product-market fit. Managers wish it was a simple ... read more

All Posts

job hunter
ajpikul at gmail
General Resume
Me | Skills
github instagram twitter linkedin
Projects featured here are actively maintained. You can learn more by clicking on their tab, including the concept, the technology, and the roadmap. My github has lots of work, but much of it is archived.


  • contate
    contate is a static document generator for sysadmins. It allows you to embed shebangs (#!) directly into any document, and the document is parsed and output instead of the script code.
  • authdoor
    a work in progress, authdoor is a CLI and config wrapper for golang's net/http, meant to allow us to use the golang API the same way we use nginx or apache. It also integrates exchangeable authentication schemes.
  • static template
    static template is a monorepo to bootstrap websites using contate, sass, and other common tools (such as eslint and w3validator).
  • sslcheck
    sslcheck verifies the ssl certificate chain for any domain, returning a structure with information about them.
  • auditmatic
    auditmatic can be imagined as a user-local implementation of initrc and chron- it's intended to provide basic system information through any executable file about a system, providing digital asset management.
  • bike melter
    bike melter is a hardware project based on the esp32 and a peristaltic pump designed to separate fused aluminum seat posts from their valuable steel frames.

`contate` is a document processor that parses for shebangs (#!) and then runs the found script, outputting it in place of the script. This allows you to embed arbitrary scripts in documents of any language your environment supports. It's used to create this website. It also supports:
  • Inline bash embedding
  • Basic cross-process key-value store with get and set
It is in use with unit and integration tests via xUnit for shell scripts.
The goal is to provide the most flexible static content generator (any language) with the least opinions so that you can pursue your goals without making decisions with variable future impact and steep learning curves.
Currently written in bash, it should be ported to another language like C, line by line, for more flexible parsing and better error handling. It needs to offer its key-value store API in other languages, and documentation to instruct such.

`authdoor` is a go package that allows you to switch on arbitrary authentication schemes during runtime. It's special because it wraps stdlib and common golang pkg data-structures in concurrency-safe structures, heavily biased for read speed.
authdoor is extremely well tested (>90%) with integration tests and a complete set of instructive benchmarks. However, it also has extremely high goals for performance and flexibility, as detailed below. It is currently in use to provide selective authentication to development resources on this server.
The original inspiration for authdoor was the numerous underused and underrated web-interface developer tools presented by golang: godoc and pprof, and other third party resources like mkdocs and logtail. Exposing this wealth of resources to the developer is valuable but would benefit from having flexible proxy and file-server spin-up with arbitrary authentication: github auth, password auth, etc.
The next steps involve wrapping stdlibs net/http data-structures in concurrent safe structures and providing config and gRPC support to modify the data-structures during runtime. Benchmarks indicate performance tuning is needed to make authdoor a no-brainer for production servers, and to never be a bottleneck.

static template
static template is a monorepo of build scripts and git submodules for quick deployment of well-structured, flexible, and linted static websites. It uses contate, sassc, eslint, and w3validator to generate a public folder out of your raw contate files- and of course contate can be any type of code.
Being a pure devops tool, the static template is very easy for someone with linux experience to integrate into their system without any friction. It provides security by requiring itself to be deprivileged to run and makes it very easy to manage staging and production servers.
The goals of static template is getting a static website up in an extremely flexible way with no learning curve- relying on tools familiar to all system administrators. The goal is always to make decisions easy and obvious while reducing learning curves.
A very complete template, most goals are specific to the tools it relies on. However, it will also begin to include tools for typescript and wasm in the future.

ssl check
`ssl check` is a go pkg that resolves the verified certificate chain for a domain or IP address and presents relevant information in a return structure.
It is being used in production to keep on eye on basic security status.
The goal is to avoid the common but unacceptable problem of expiring and broken ssl certificate chains. By being able to do this programmatically, we can control exactly how we are notified of problems.
sslcheck could provide more information about why a certificate is failing, but the solution is always the same: renew.

`auditmatic` can be thought of as a local-user chron/initrc. It makes it very easy to spin up watchdog processes for any aspect of system monitoring. It currently supports:
  • Github repo monitoring for changes local and remote
  • Notification of security updates
  • Notification of open/listening ports
  • Basic server and domain monitoring
  • Toolchain update monitoring
  • Log summaries
  • More...
It is being used but is due for a refactor
The goal is to provide a way to monitor disparate digital assets and systems at a low learning curve. This is meant for developers who have a handful of shells, and maybe embedded linux devices that they need to monitor. The issue being that developers who work on a variety of devices will often let their systems degrade after they are initially configured. Auditmatic prevents that but still allows the dev to keep control.
Auditmatic has a few bug-fixes and could be ported to another language more suitable than bash.

Bike Melter
Bike melter is a unique project in this list in that is is an embedded device and hardware project. At proof of concept stage, it manages a peristaltic pump via an ESP32 with a restful interface, wifi AP, and OLED digital display. It is meant to help separate fused aluminum seat posts from steel frames by a common chemical process which isn't cost effective unless otherwise automated.
Working proof of concept
Separates seat posts form their frames to recover expensive and loved bike frames.
Being at a proof of concept phase, there are numerous feature additions and manufacturing improvements that can be made. The commercial launch strategy of the project is also quite simple, but wont be made public.