diff --git a/certmgr b/certmgr
deleted file mode 100644
index 8b15b32..0000000
Binary files a/certmgr and /dev/null differ
diff --git a/main.go b/main.go
index b4e4dbc..197aec0 100644
--- a/main.go
+++ b/main.go
@@ -1,19 +1,21 @@
 package main
 import (
+	"bufio"
 	"code.gitea.io/sdk/gitea"
 	"fmt"
 	"git.nevets.tech/Steven/ezconf"
 	"github.com/go-git/go-git/v5/plumbing/object"
+	"io"
 	"os/exec"
 	"strings"
 	"time"
-	billy "github.com/go-git/go-billy/v5"
-	memfs "github.com/go-git/go-billy/v5/memfs"
-	git "github.com/go-git/go-git/v5"
-	http "github.com/go-git/go-git/v5/plumbing/transport/http"
-	memory "github.com/go-git/go-git/v5/storage/memory"
+	"github.com/go-git/go-billy/v5"
+	"github.com/go-git/go-billy/v5/memfs"
+	"github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/plumbing/transport/http"
+	"github.com/go-git/go-git/v5/storage/memory"
 	"os"
 )
@@ -51,6 +53,8 @@ func main() {
 		os.Exit(1)
 	}
+	hasDns, dnsIndex := contains(args, "--dns")
+
 	legoBaseArgs = []string{
 		"-a",
 		"--dns",
@@ -66,15 +70,12 @@ func main() {
 	subdomains := config.GetAsStrings("Certificates.subdomains")
 	if subdomains != nil {
 		for i, subdomain := range subdomains {
-			insert(legoBaseArgs, 5+i, "--domains=*."+subdomain)
+			legoBaseArgs = insert(legoBaseArgs, 5+i, "--domains=*."+subdomain+"."+domain)
 		}
 	}
-	err = os.Setenv("CF_API_TOKEN", config.GetAsString("Cloudflare.cf_api_token"))
-	err = os.Setenv("CF_EMAIL", config.GetAsString("Cloudflare.cf_email"))
-	if err != nil {
-		fmt.Printf("Error setting environment variable: %v\n", err)
-		os.Exit(1)
+	if hasDns {
+		legoBaseArgs = insert(legoBaseArgs, 3, "--dns.resolvers="+args[dnsIndex+1])
 	}
 	creds = &http.BasicAuth{
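Review bot: The new import block interleaves standard-library and third-party paths (`"bufio"`, `"io"`, `"os/exec"`, `"strings"`, `"time"` sit between the gitea and go-git imports, and `"os"` trails the go-git group); goimports would put the stdlib group first, then third-party, which also keeps future diffs of this block small. Dropping the explicit aliases only works because each package's declared name matches the old alias, and the rest of the diff still relies on that (`http.BasicAuth`, `git.CommitOptions`); a reader seeing `http.` is likely to assume net/http, so keeping that one alias, or a short comment, would help.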
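Review bot: `args[dnsIndex+1]` inside the new `if hasDns` block indexes past the end of `args` when `--dns` is the last argument, since `contains` only reports the flag's position; the guard should be `if hasDns && dnsIndex+1 < len(args) {` with a usage message and `os.Exit(1)` in the else path. The resolver string comes straight from the command line and is passed to lego as `--dns.resolvers=`, so rejecting an empty value (or one that itself starts with `--`) at the same point would give a clearer failure than lego's. Inserting at index 3 after the `--domains=*.` entries were inserted at `5+i` shifts those entries by one; that is presumably intended, but a comment stating the final argument layout of `legoBaseArgs` would save the next reader the arithmetic. Go's initialism convention would spell the pair introduced in the previous hunk `hasDNS`/`dnsIndex`. main's body begins and continues outside this hunk.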
@@ -101,22 +102,60 @@ func main() {
 		}
 	case "renew":
 		{
-			cloneRepo(config.GetAsString("Git.server") + "/" + config.GetAsString("Git.org_name"))
+			cloneRepo(config.GetAsString("Git.server") + "/" + config.GetAsString("Git.org_name") + "/" + domain + "-certificates.git")
 			cmd = exec.Command("lego", legoRenewSiteArgs...)
 		}
+	case "gen-cert-only":
+		{
+			cmd = exec.Command("lego", legoNewSiteArgs...)
+		}
+	case "renew-cert-only":
+		{
+			cmd = exec.Command("lego", legoRenewSiteArgs...)
+		}
+	case "git":
+		{
+			url := createGiteaRepo()
+			cloneRepo(url)
+			fixUpdateSh()
+			addAndPushCerts()
+			os.Exit(0)
+		}
 	default:
 		{
 			fmt.Println("Missing arguments: conclude command with 'gen' or 'renew'")
 			os.Exit(1)
 		}
 	}
-	fmt.Printf("Env Vars: %v", cmd.Env)
-	out, err := cmd.CombinedOutput()
+	cmd.Env = append(cmd.Environ(),
+		"CLOUDFLARE_DNS_API_TOKEN="+config.GetAsString("Cloudflare.cf_api_token"),
+		"CLOUDFLARE_ZONE_API_TOKEN"+config.GetAsString("Cloudflare.cf_api_token"),
+		"CLOUDFLARE_EMAIL="+config.GetAsString("Cloudflare.cf_email"),
+	)
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		fmt.Printf("Error getting stdout from lego process: %v", err)
+		os.Exit(1)
+	}
+	err = cmd.Start()
 	if err != nil {
 		fmt.Printf("Error creating certs with lego: %v", err)
 		os.Exit(1)
 	}
-	fmt.Println(string(out))
+	scanner := bufio.NewScanner(stdout)
+	go func() {
+		for scanner.Scan() {
+			fmt.Println(scanner.Text())
+		}
+		if err := scanner.Err(); err != nil {
+			fmt.Fprintln(os.Stderr, "reading standard input:", err)
+		}
+	}()
+	err = cmd.Wait()
+	if err != nil {
+		fmt.Printf("Error waiting for lego command to finish: %v", err)
+		os.Exit(1)
+	}
 	addAndPushCerts()
 }
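Review bot: The second environment entry is missing its `=`: `"CLOUDFLARE_ZONE_API_TOKEN"+config.GetAsString(...)` produces one malformed `CLOUDFLARE_ZONE_API_TOKEN<token>` string with no value, so lego never sees that variable; it should read `"CLOUDFLARE_ZONE_API_TOKEN="+config.GetAsString("Cloudflare.cf_api_token")`. The output handling also races: `cmd.Wait()` closes the stdout pipe as soon as lego exits while the goroutine is still draining it, which the os/exec documentation for `StdoutPipe` states is incorrect and which can truncate the final lines, so the pipe should be read to EOF on the calling goroutine before `Wait`. Because `cmd.Stderr` is never set it goes to the null device, so lego's own error text — which `CombinedOutput` used to capture — is now lost; `cmd.Stderr = os.Stderr` restores it. The `fmt.Fprintln` message says "reading standard input" but the scanner is reading the child's stdout. Removing `fmt.Printf("Env Vars: %v", cmd.Env)` is the right call now that the environment carries the Cloudflare tokens, since printing it would have written them to the log.
```go
cmd.Env = append(cmd.Environ(),
	"CLOUDFLARE_DNS_API_TOKEN="+config.GetAsString("Cloudflare.cf_api_token"),
	"CLOUDFLARE_ZONE_API_TOKEN="+config.GetAsString("Cloudflare.cf_api_token"),
	"CLOUDFLARE_EMAIL="+config.GetAsString("Cloudflare.cf_email"),
)
cmd.Stderr = os.Stderr // lego's diagnostics; a nil Stderr is sent to the null device
// … unchanged: StdoutPipe, Start and their error checks …
scanner := bufio.NewScanner(stdout)
for scanner.Scan() { // drain to EOF before Wait, which closes the pipe
	fmt.Println(scanner.Text())
}
if err := scanner.Err(); err != nil {
	fmt.Fprintln(os.Stderr, "reading lego stdout:", err)
}
err = cmd.Wait()
// … unchanged: Wait error check and addAndPushCerts() …
```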
@@ -157,61 +196,73 @@ func cloneRepo(url string) {
 }
 func fixUpdateSh() {
-	updateSh, err := fs.Open("update.sh")
+	oldUpdateSh, err := fs.Open("update.sh")
 	if err != nil {
 		fmt.Printf("Error opening update.sh: %v", err)
 		os.Exit(1)
 	}
-	content := "#!/bin/env bash\necho Starting cert pull\ngit pull https://Steven:07026d2d4e99614ec98fc2a8357f108f78f52682@git.nevets.tech/Keys/" + domain + "-certificates.git --force --no-rebase\nexit 0"
-	fmt.Printf("Update.sh Content: %v\n", content)
+	contentBytes, err := io.ReadAll(oldUpdateSh)
+	if err != nil {
+		fmt.Printf("Error reading update.sh: %v", err)
+		os.Exit(1)
+	}
+	content := string(contentBytes)
+	strings.ReplaceAll(content, "<>", domain)
+	updateSh, err := fs.Create("update.sh")
 	_, err = updateSh.Write([]byte(content))
 	err = updateSh.Close()
 	if err != nil {
 		fmt.Printf("Error writing update.sh: %v", err)
 		os.Exit(1)
 	}
+	_, err = workTree.Add("update.sh")
+	if err != nil {
+		fmt.Printf("Error adding update.sh: %v", err)
+		os.Exit(1)
+	}
 }
 func addAndPushCerts() {
 	//TODO integrate SOPS api when stable release
-	certs, err := os.ReadDir(config.GetAsString("Certificates.certs_path"))
+	certs, err := os.ReadDir(config.GetAsString("Certificates.certs_path") + "/certificates")
 	if err != nil {
 		fmt.Printf("Error reading from directory: %v\n", err)
 		os.Exit(1)
 	}
 	for _, cert := range certs {
 		if strings.HasPrefix(cert.Name(), domain) {
-			file, err := fs.Create(config.GetAsString("Certificates.certs_path" + "/" + cert.Name()))
+			file, err := fs.Create(cert.Name())
 			if err != nil {
 				fmt.Printf("Error copying cert to memfs: %v\n", err)
 				os.Exit(1)
 			}
-			certFile, err := os.ReadFile(config.GetAsString("Certificates.certs_path" + "/" + cert.Name()))
+			certFile, err := os.ReadFile(config.GetAsString("Certificates.certs_path") + "/certificates/" + cert.Name())
 			_, err = file.Write(certFile)
+			err = file.Close()
 			if err != nil {
 				fmt.Printf("Error writing to memfs: %v\n", err)
 				os.Exit(1)
 			}
+			_, err = workTree.Add(cert.Name())
+			if err != nil {
+				fmt.Printf("Error adding certificate %v: %v", cert.Name(), err)
+				os.Exit(1)
+			}
 		}
 	}
-	_, err = workTree.Add(".")
-	if err != nil {
-		fmt.Printf("Error adding certificates to workTree: %v\n", err)
-		os.Exit(1)
-	}
 	status, err := workTree.Status()
 	if err != nil {
 		fmt.Printf("Error getting repo status: %v\n", err)
 		os.Exit(1)
 	}
-	fmt.Println(status.String())
+	fmt.Println("Work Tree Status:\n" + status.String())
 	signature := &object.Signature{
 		Name: "Cert Manager",
 		Email: "certs@nevets.tech",
 		When: time.Now(),
 	}
-	_, err = workTree.Commit("Update "+domain+" @ "+time.Now().String(), &git.CommitOptions{Author: signature, Committer: signature})
+	_, err = workTree.Commit("Update "+domain+" @ "+time.Now().Format("Mon Jan _2 2006 15:04:05 MST"), &git.CommitOptions{Author: signature, Committer: signature})
 	if err != nil {
 		fmt.Printf("Error committing certs: %v\n", err)
 		os.Exit(1)
@@ -222,7 +273,7 @@ func addAndPushCerts() {
 		os.Exit(1)
 	}
-	fmt.Println("Successfully uploaded to repo")
+	fmt.Println("Successfully uploaded to " + config.GetAsString("Git.server") + "/" + config.GetAsString("Git.org_name") + "/" + domain + "-certificates.git")
 }
 func contains(slice []string, value string) (sliceHas bool, index int) {
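Review bot: In `fixUpdateSh` the result of `strings.ReplaceAll(content, "<>", domain)` is discarded, so the `<>` placeholder is never substituted and update.sh is written back unchanged; it needs `content = strings.ReplaceAll(content, "<>", domain)` (or fold it into the `content :=` line). The `err` from `fs.Create("update.sh")` is not checked before `updateSh.Write` (a nil `updateSh` would panic there), and the `Write` error is then overwritten by `updateSh.Close()` on the next line; the same overwrite appears in `addAndPushCerts`, where the `os.ReadFile` and `file.Write` errors are both clobbered by `file.Close()` before the single `if err != nil`. `oldUpdateSh` is opened but never closed. The removed `content :=` line embedded a credential in the `git pull` URL; since that line stays in the repository history, the secret should be treated as exposed and rotated regardless of this cleanup. `addAndPushCerts` continues past the end of the hunk.
```go
content := strings.ReplaceAll(string(contentBytes), "<>", domain)
updateSh, err := fs.Create("update.sh")
if err != nil {
	fmt.Printf("Error creating update.sh: %v", err)
	os.Exit(1)
}
if _, err = updateSh.Write([]byte(content)); err != nil {
	fmt.Printf("Error writing update.sh: %v", err)
	os.Exit(1)
}
if err = updateSh.Close(); err != nil {
	fmt.Printf("Error closing update.sh: %v", err)
	os.Exit(1)
}
// … unchanged: workTree.Add("update.sh") and its error check …
```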