From 93cf32f25aa5faf62e8864a68d998ef2baafcf30 Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Sun, 28 Dec 2025 20:04:00 +0000
Subject: Add --reuse-key to command

If we are renewing via DNS-01, we need to make sure to reuse the same key -
otherwise, we will need a different hash to be propagated via DNS, which
reuqires multiple days for a proper rollover. DANE will break if this rollover
is not done.
---
 renew-all | 1 +
 1 file changed, 1 insertion(+)

diff --git a/renew-all b/renew-all
index 0b039f9..af6f157 100755
--- a/renew-all
+++ b/renew-all
@@ -42,6 +42,7 @@ def main() -> None:
                 + subdomain_requests
                 + [
                     "renew",
+                    "--reuse-key",
                     "--renew-hook",
                     domain[f"renew_script_{args.env}"],
                 ]
-- 
cgit v1.2.3