diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix
index ca6738f0fe1c..71dd38a3f476 100644
--- a/nixos/modules/services/networking/unifi.nix
+++ b/nixos/modules/services/networking/unifi.nix
@@ -1,9 +1,24 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, utils, ... }:
 with lib;
 let
   cfg = config.services.unifi;
   stateDir = "/var/lib/unifi";
   cmd = "@${pkgs.icedtea7_jre}/bin/java java -jar ${stateDir}/lib/ace.jar";
+  mountPoints = [
+    {
+      what = "${pkgs.unifi}/dl";
+      where = "${stateDir}/dl";
+    }
+    {
+      what = "${pkgs.unifi}/lib";
+      where = "${stateDir}/lib";
+    }
+    {
+      what = "${pkgs.mongodb}/bin";
+      where = "${stateDir}/bin";
+    }
+  ];
+  systemdMountPoints = map (m: "${utils.escapeSystemdPath m.where}.mount") mountPoints;
 in
 {
 
@@ -32,30 +47,18 @@ in
     # to be used as the working directory.
     systemd.mounts = map ({ what, where }: {
         bindsTo = [ "unifi.service" ];
-        requiredBy = [ "unifi.service" ];
-        before = [ "unifi.service" ];
+        partOf = [ "unifi.service" ];
         options = "bind";
         what = what;
         where = where;
-      }) [
-        {
-          what = "${pkgs.unifi}/dl";
-          where = "${stateDir}/dl";
-        }
-        {
-          what = "${pkgs.unifi}/lib";
-          where = "${stateDir}/lib";
-        }
-        {
-          what = "${pkgs.mongodb}/bin";
-          where = "${stateDir}/bin";
-        }
-      ];
+      }) mountPoints;
 
     systemd.services.unifi = {
       description = "UniFi controller daemon";
       wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
+      after = [ "network.target" ] ++ systemdMountPoints;
+      partOf = systemdMountPoints;
+      bindsTo = systemdMountPoints;
 
       preStart = ''
         # Ensure privacy of state