diff --git a/nixos/tests/nominatim.nix b/nixos/tests/nominatim.nix
index 78106b61d778..4294d04fe880 100644
--- a/nixos/tests/nominatim.nix
+++ b/nixos/tests/nominatim.nix
@@ -59,14 +59,34 @@ in
       { config, pkgs, ... }:
       {
         # Database password
-        system.activationScripts = {
-          passwordFile.text = with config.services.nominatim.database; ''
-            mkdir -p /run/secrets
-            echo "${host}:${toString port}:${dbname}:${apiUser}:password" \
-              > /run/secrets/pgpass
-            chown nominatim-api:nominatim-api /run/secrets/pgpass
-            chmod 0600 /run/secrets/pgpass
-          '';
+        systemd.services.nominatim = {
+          serviceConfig.ExecStartPre =
+            let
+              createPasswordFile = lib.getExe (
+                pkgs.writeShellApplication {
+                  name = "nominatim-pre-start";
+                  text =
+                    let
+                      inherit (config.services.nominatim.database)
+                        host
+                        port
+                        dbname
+                        apiUser
+                        ;
+                    in
+                    ''
+                      mkdir -p /run/secrets
+                      echo "${host}:${toString port}:${dbname}:${apiUser}:password" \
+                        > /run/secrets/pgpass
+                      chown nominatim-api:nominatim-api /run/secrets/pgpass
+                      chmod 0600 /run/secrets/pgpass
+                    '';
+                }
+              );
+            in
+            [
+              "+${createPasswordFile}"
+            ];
         };
 
         # Nominatim