# Customer Portal — my.techtoschool.com

# HTTP → redirect to HTTPS
<VirtualHost 69.16.249.45:80>
    ServerName my.techtoschool.com

    # ACME challenge must stay on HTTP for cert renewal
    Alias /.well-known /var/www/html/mkl/public/.well-known
    <Directory /var/www/html/mkl/public/.well-known>
        Require all granted
        Options -Indexes
    </Directory>

    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/\.well-known/
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>

# HTTPS
<VirtualHost 69.16.249.45:443>
    ServerName my.techtoschool.com

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/my.techtoschool.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/my.techtoschool.com/privkey.pem

    # Proxy settings
    ProxyPreserveHost On
    ProxyTimeout 300

    # Everything → customer portal on port 3003
    ProxyPass / http://127.0.0.1:3003/
    ProxyPassReverse / http://127.0.0.1:3003/

    ErrorLog /etc/apache2/logs/domlogs/my.techtoschool.com-error_log
    CustomLog /etc/apache2/logs/domlogs/my.techtoschool.com-ssl_log combined
</VirtualHost>