{...}: {
  services.secrets = {
    enable = true;
    secrets = {
      home-wifi-password = {
        user = "root";
        group = "root";
        permissions = "0600";
        path = "/etc/NetworkManager/system-connections/Home-WiFi.nmconnection";

        fetchScript = ''
          ssid=$(simple_get "/passwords/wifi/parentals-home" .ssid)
          password=$(simple_get "/passwords/wifi/parentals-home" .password)

          # Create path to if doesn't exist, useful for when using secrets-init on another host
          if [ ! -d "$SYSROOT/etc/NetworkManager/system-connections" ]; then
            mkdir -p "$SYSROOT/etc/NetworkManager/system-connections"
          fi

          cp ${./data/wifi-nmconnection.template} "$secretFile"
          sed -i "s/WIFI_ID/Home-WiFi/" "$secretFile"
          sed -i "s/WIFI_SSID/$ssid/" "$secretFile"
          sed -i "s/WIFI_PASSWORD/$password/" "$secretFile"
        '';
      };
    };
  };
}