From d215163ff9d37bf3bac8024c84589ec82a1e70af Mon Sep 17 00:00:00 2001
From: Wanja Hentze <wanja.hentze@bevuta.com>
Date: Mon, 11 Apr 2022 18:36:55 +0200
Subject: [PATCH 1/2] nixos/cockroachdb: add `extraArgs` option

There are a bunch of args to `cockroach start` that simply can not be set
given the current set of options, so this escape hatch enables them.
---
 nixos/modules/services/databases/cockroachdb.nix | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/databases/cockroachdb.nix b/nixos/modules/services/databases/cockroachdb.nix
index eb061af9262..411f2315f76 100644
--- a/nixos/modules/services/databases/cockroachdb.nix
+++ b/nixos/modules/services/databases/cockroachdb.nix
@@ -10,7 +10,8 @@ let
   ifNotNull = v: s: optionalString (v != null) s;
 
   startupCommand = lib.concatStringsSep " "
-    [ # Basic startup
+    ([
+      # Basic startup
       "${crdb}/bin/cockroach start"
       "--logtostderr"
       "--store=/var/lib/cockroachdb"
@@ -31,7 +32,7 @@ let
 
       # Certificate/security settings.
       (if cfg.insecure then "--insecure" else "--certs-dir=${cfg.certsDir}")
-    ];
+    ] ++ cfg.extraArgs);
 
     addressOption = descr: defaultPort: {
       address = mkOption {
@@ -159,6 +160,16 @@ in
           only contain open source features and open source code).
         '';
       };
+
+      extraArgs = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        example = [ "--advertise-addr" "[fe80::f6f2:::]" ];
+        description = ''
+          Extra CLI arguments passed to <command>cockroach start</command>.
+          For the full list of supported argumemnts, check <link xlink:href="https://www.cockroachlabs.com/docs/stable/cockroach-start.html#flags"/>
+        '';
+      };
     };
   };
 

From dccd5a44d1b253d7f8595517287aad1c74228d14 Mon Sep 17 00:00:00 2001
From: Wanja Hentze <wanja.hentze@bevuta.com>
Date: Mon, 11 Apr 2022 18:41:06 +0200
Subject: [PATCH 2/2] nixos/cockroachdb: use `escapeSystemdExecArgs` for
 ExecStart args

Co-authored-by: pennae <82953136+pennae@users.noreply.github.com>
---
 .../services/databases/cockroachdb.nix        | 53 +++++++++----------
 1 file changed, 25 insertions(+), 28 deletions(-)

diff --git a/nixos/modules/services/databases/cockroachdb.nix b/nixos/modules/services/databases/cockroachdb.nix
index 411f2315f76..9a7aebe4f6a 100644
--- a/nixos/modules/services/databases/cockroachdb.nix
+++ b/nixos/modules/services/databases/cockroachdb.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, utils, ... }:
 
 with lib;
 
@@ -6,47 +6,44 @@ let
   cfg = config.services.cockroachdb;
   crdb = cfg.package;
 
-  escape    = builtins.replaceStrings ["%"] ["%%"];
-  ifNotNull = v: s: optionalString (v != null) s;
-
-  startupCommand = lib.concatStringsSep " "
+  startupCommand = utils.escapeSystemdExecArgs
     ([
       # Basic startup
-      "${crdb}/bin/cockroach start"
+      "${crdb}/bin/cockroach"
+      "start"
       "--logtostderr"
       "--store=/var/lib/cockroachdb"
-      (ifNotNull cfg.locality "--locality='${cfg.locality}'")
 
       # WebUI settings
-      "--http-addr='${cfg.http.address}:${toString cfg.http.port}'"
+      "--http-addr=${cfg.http.address}:${toString cfg.http.port}"
 
       # Cluster listen address
-      "--listen-addr='${cfg.listen.address}:${toString cfg.listen.port}'"
+      "--listen-addr=${cfg.listen.address}:${toString cfg.listen.port}"
 
-      # Cluster configuration
-      (ifNotNull cfg.join "--join=${cfg.join}")
-
-      # Cache and memory settings. Must be escaped.
-      "--cache='${escape cfg.cache}'"
-      "--max-sql-memory='${escape cfg.maxSqlMemory}'"
+      # Cache and memory settings.
+      "--cache=${cfg.cache}"
+      "--max-sql-memory=${cfg.maxSqlMemory}"
 
       # Certificate/security settings.
       (if cfg.insecure then "--insecure" else "--certs-dir=${cfg.certsDir}")
-    ] ++ cfg.extraArgs);
+    ]
+    ++ lib.optional (cfg.join != null) "--join=${cfg.join}"
+    ++ lib.optional (cfg.locality != null) "--locality=${cfg.locality}"
+    ++ cfg.extraArgs);
 
-    addressOption = descr: defaultPort: {
-      address = mkOption {
-        type = types.str;
-        default = "localhost";
-        description = "Address to bind to for ${descr}";
-      };
-
-      port = mkOption {
-        type = types.port;
-        default = defaultPort;
-        description = "Port to bind to for ${descr}";
-      };
+  addressOption = descr: defaultPort: {
+    address = mkOption {
+      type = types.str;
+      default = "localhost";
+      description = "Address to bind to for ${descr}";
     };
+
+    port = mkOption {
+      type = types.port;
+      default = defaultPort;
+      description = "Port to bind to for ${descr}";
+    };
+  };
 in
 
 {