I just figured out what was changing the /etc/nix permissions. In the impermanence README the example config suggests to use:
files = [
{
file = "/etc/nix/id_rsa";
parentDirectory = { mode = "u=rwx,g=,o="; };
}
];
which causes the parent directory of /etc/nix/id_rsa, i.e. /etc/nix, to have 700 permissions.
I don’t know in what scenarios this is a good idea but it’s probably a very bad default for most users. It looks like an issue was created on this topic so hopefully it gets fixed soon so that users like me that copy paste config without paying too much attention 
don’t encounter these issues down the road.