Nixos-install with custom flake results in /boot being world accessible

Also, I did find a sort of solution, but it doesn’t explain why NixOS doesn’t set these permissions up properly by default. I had to declare options for the filesystem, and it made it work.

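    # Entry in the fileSystems attribute set (bootPart is defined elsewhere in the configuration).
    "/boot" = {
      device = "${bootPart}";
      fsType = "vfat";
      # vfat stores no Unix permissions; fmask/dmask clear the group and other
      # bits on files and directories at mount time.
      options = [ "fmask=0077" "dmask=0077" "defaults" ];
    };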
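To confirm that options like these took effect after a rebuild, the check below reads mount-table lines in `/proc/self/mounts` format and reports every vfat mount whose `fmask`/`dmask` still leave a permission bit for "other". It is an added example, not part of the original post; the function names and the sample lines are constructed for illustration.

```python
"""Added example: flag vfat mounts that leave permission bits for 'other'."""

# Constructed sample in /proc/self/mounts format (not taken from the post).
SAMPLE_MOUNTS = """\
/dev/nvme0n1p1 /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,errors=remount-ro 0 0
/dev/sda1 /efi vfat rw,relatime,fmask=0077,dmask=0077,codepage=437 0 0
/dev/nvme0n1p2 / ext4 rw,relatime 0 0
"""


def parse_mask(options, key):
    """Return the octal value of key=NNNN in a comma-separated option string."""
    for opt in options.split(","):
        name, _, value = opt.partition("=")
        if name == key and value:
            return int(value, 8)
    return None


def audit_mounts(mounts_text):
    """Return (mountpoint, file_mode, dir_mode) for each exposed vfat mount.

    A mode is None when neither the specific mask nor umask= is stated; the
    kernel then uses the mounting process's umask, so the entry is reported.
    """
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "vfat":
            continue
        modes = []
        for key in ("fmask", "dmask"):
            mask = parse_mask(fields[3], key)
            if mask is None:
                mask = parse_mask(fields[3], "umask")
            modes.append(None if mask is None else 0o777 & ~mask)
        if any(m is None or m & 0o007 for m in modes):
            findings.append((fields[1], modes[0], modes[1]))
    return findings


if __name__ == "__main__":
    with open("/proc/self/mounts") as fh:
        for mountpoint, fmode, dmode in audit_mounts(fh.read()):
            shown = ["unset" if m is None else f"{m:04o}" for m in (fmode, dmode)]
            print(f"{mountpoint}: files {shown[0]}, dirs {shown[1]} (accessible to other)")
```

Run as a script on the installed system, it prints nothing when every vfat mount masks out the "other" bits.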