{ containerCfg, pkgs, builder, name, ... }:
let
  port = 8080;
  priority = toString (containerCfg.extra.priority or 2147482647);
  defaultRobots = ''
    User-agent: *
    Disallow: /
  '';
  robots =
    if containerCfg.extra ? robots then
      containerCfg.extra.robots
    else
      defaultRobots + (containerCfg.extra.extraRobots or "");
  robotsRoot = pkgs.writeTextDir "robots.txt" robots;
  image = pkgs.dockerTools.streamLayeredImage {
    name = "robots";
    tag = "1";
    contents = [
      robotsRoot
      pkgs.busybox
    ];
    config = {
      Entrypoint = [
        "${pkgs.busybox}/bin/httpd"
        "-f"
        "-p"
        "0.0.0.0:${toString port}"
        "-h"
        "${robotsRoot}"
      ];
      ExposedPorts = { "${toString port}/tcp" = { }; };
      WorkingDir = "/";
    };
  };
in {
  runtime = {
    containers = {
      server = builder.mkContainer {
        imageStream = image;
        port = port;
        extraLabels = {
          "traefik.enable" = "true";
          "traefik.http.routers.${name}.entrypoints" = "web-secure";
          "traefik.http.routers.${name}.rule" = "Path(`/robots.txt`)";
          "traefik.http.routers.${name}.priority" = priority;
          "traefik.http.routers.${name}.tls" = "true";
          "traefik.http.services.${name}.loadbalancer.server.port" = toString port;
        };
      };
    };
  };
}