diff --git a/modules/system/boot/readonly-mountpoint.c b/modules/system/boot/readonly-mountpoint.c
new file mode 100644
index 000000000000..03ec18d4ceba
--- /dev/null
+++ b/modules/system/boot/readonly-mountpoint.c
@@ -0,0 +1,21 @@
+#include
+#include
+#include
+
+int main(int argc, char ** argv) {
+ struct statvfs stat;
+ int res;
+ if (argc != 2) {
+ fprintf(stderr, "Usage: %s PATH", argv[0]);
+ exit(2);
+ }
+ if(statvfs(argv[1], &stat) != 0) {
+ perror("statvfs");
+ exit(3);
+ }
+ if (stat.f_flag & ST_RDONLY)
+ exit(0);
+ else
+ exit(1);
+}
+
diff --git a/modules/system/boot/stage-2-init.sh b/modules/system/boot/stage-2-init.sh
index 8df7eba5d78e..6e23052e61d1 100644
--- a/modules/system/boot/stage-2-init.sh
+++ b/modules/system/boot/stage-2-init.sh
@@ -51,8 +51,10 @@ echo "booting system configuration $systemConfig" > /dev/kmsg
 chown 0:30000 /nix/store
 chmod 1775 /nix/store
 if [ -n "@readOnlyStore@" ]; then
- mount --bind /nix/store /nix/store
- mount -o remount,ro,bind /nix/store
+ if ! readonly-mountpoint /nix/store; then
+ mount --bind /nix/store /nix/store
+ mount -o remount,ro,bind /nix/store
+ fi
 fi
diff --git a/modules/system/boot/stage-2.nix b/modules/system/boot/stage-2.nix
index e357cab5898c..efffb89d732f 100644
--- a/modules/system/boot/stage-2.nix
+++ b/modules/system/boot/stage-2.nix
@@ -62,6 +62,12 @@ let
 kernel = config.boot.kernelPackages.kernel;
 activateConfiguration = config.system.activationScripts.script;
+ readonlyMountpoint = pkgs.runCommand "readonly-mountpoint" {} ''
+ mkdir -p $out/bin
+ cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
+ strip -s $out/bin/readonly-mountpoint
+ '';
+
 bootStage2 = pkgs.substituteAll {
 src = ./stage-2-init.sh;
 shellDebug = "${pkgs.bashInteractive}/bin/bash";
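Review bot: The exit statuses are the whole interface of this helper (0 when `ST_RDONLY` is set, 1 when it is not, 2 for a usage error, 3 when `statvfs` fails), yet nothing in readonly-mountpoint.c documents them, although stage-2-init.sh branches on the result. A header comment should state that contract and also that `statvfs` reports the flags of the mount containing PATH, so exit 0 does not mean PATH is itself a mount point, despite the tool's name. Two small cleanups in `main`: `int res;` is never used, and the usage string needs a trailing newline, `fprintf(stderr, "Usage: %s PATH\n", argv[0]);`. The header names after the three `#include` directives are not visible on this page, so they could not be checked.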
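Review bot: The new guard in stage-2-init.sh skips both mounts whenever `readonly-mountpoint /nix/store` exits 0, which holds for any read-only mount that contains the store, not only for a dedicated read-only bind mount. In that case the store's immutability rests entirely on that outer mount staying read-only; if it is later remounted read-write, nothing else protects /nix/store. A comment above the `if !` line should record the assumption, for example `# Skip the bind mount only when the store is already read-only; assumes that mount is never remounted rw later.` The failure direction is sound: any non-zero status, including a `statvfs` error or a helper that cannot be found, still performs the bind mount.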
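Review bot: The `cc` line in the `readonlyMountpoint` builder passes no warning flags, so issues such as the unused `res` variable in readonly-mountpoint.c compile silently. For a helper that the stage-2 init script uses to decide whether the store gets its read-only bind mount, `cc -O3 -Wall ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint` is a cheap safeguard. The `let` block this binding sits in starts and ends outside the hunk.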
@@ -73,7 +79,8 @@ let
 [ pkgs.coreutils
 pkgs.utillinux
 pkgs.sysvtools
- ] ++ optional config.boot.cleanTmpDir pkgs.findutils;
+ ] ++ (optional config.boot.cleanTmpDir pkgs.findutils)
+ ++ optional config.nix.readOnlyStore readonlyMountpoint;
 postBootCommands = pkgs.writeText "local-cmds"
 ''
 ${config.boot.postBootCommands}