rc.tcl | 8 +++++++-

diff --git a/rc.tcl b/rc.tcl
index 9626b65acddad2253489faa737ea98082fd1cb6c218786dadbaebe439916a5c3..f440feed20ee77949d50e498c9e60338e7fee69c0ccd10de023a3145b92bc988 100644
--- a/rc.tcl
+++ b/rc.tcl
@@ -56,7 +56,7 @@     global ReSPF
     puts "$dn TXT \"$ReSPF\""
 }
 
-proc dane {dn {port 443}} {
+proc dane {dn {port 443} {nocaa false}} {
     set dn [fqdn $dn]
     set dirname [string trimright $dn .]
     set was [pwd]
@@ -70,6 +70,7 @@         set caas [lappend $caas [lindex [split $ca /] end]]
         puts "[shorten _$port._tcp.$dn] TLSA 3 1 1 [exec zeasypki dane $ee]"
     }
     cd $was
+    if {$nocaa} { return }
     foreach ca [lsort -unique $caas] {
         puts "[shorten $dn] CAA 0 issue \"$ca\""
     }
@@ -116,6 +117,11 @@         puts "$short TXT \"$NoSPF\""
         puts "$short $NoMX"
         ssh $short
     }
+}
+
+proc cname {src dst} {
+    puts "[shorten $src] CNAME [shorten $dst]"
+    dane $src 443 true
 }
 
 proc pgp {keyid {uid ""}} {