Renew only specified domains

[SoniEx2]

Welcome

• [X] Yes, I've searched similar issues on GitHub and didn't find any.

How do you use lego?

Binary

Detailed Description

When using lego renew, one should be able to tell lego to only renew the specified domains, and drop any domains not specified.

This would make managing certs much easier as one'd be able to just use systemd for it, instead of remembering the run command and all that. Just add/remove -d's and call it a day, then run the renewal unit.

[m1cr0man]

I'd like to second this - in NixOS' ACME module it was recently reported (NixOS/nixpkgs#147540) that removing a domain does not work as expected, for this reason.

I would also ask that if the list of domains differs from those specified on the CLI, and --days is also specified, that a renewal would be attempted regardless of expiry date for those domains specified. This avoids a hacky bit of scripting we did already to detect a change in the configured domains.

[aanderse]

Some days I wonder why we use lego instead of certbot... 😞

[ldez]

@aanderse Some days I wonder why I spend my time creating and maintaining open-source projects... Please, there are humans behind open-source projects.

[aanderse]

@ldez I'm sorry. I actually intended that comment to be in the NixOS issue thread, not this one... but after some reflection I realize even in the NixOS issue thread it is still an inappropriate comment. You're right. I'm an open source contributor as well and it never feels nice when people leave comments like that based on your hard work. Please do accept my apologies - many people appreciate the work people put into this project, myself included.