diff --git a/manifests/common.pp b/manifests/common.pp index 8caec4c..d4fc38b 100644 --- a/manifests/common.pp +++ b/manifests/common.pp @@ -6,6 +6,7 @@ class acme_vault::common ( $vault_token = $::acme_vault::params::vault_token, $vault_addr = $::acme_vault::params::vault_addr, $vault_bin = $::acme_vault::params::vault_bin, + $vault_prefix = $::acme_vault::params::vault_prefix, ) inherits acme_vault::params { @@ -13,6 +14,7 @@ class acme_vault::common ( export VAULT_BIN=<%= @vault_bin %> export VAULT_TOKEN=<%= @vault_token %> export VAULT_ADDR=<%= @vault_addr %> +export VAULT_PREFIX=<%= @vault_prefix %> END # create acme_vault user user { $user: diff --git a/manifests/deploy.pp b/manifests/deploy.pp index 750c2a3..c58f2c7 100644 --- a/manifests/deploy.pp +++ b/manifests/deploy.pp @@ -3,7 +3,6 @@ class acme_vault::deploy( $group = $::acme_vault::params::group, $home_dir = $::acme_vault::params::home_dir, - $vault_token = $::acme_vault::params::vault_token, $cert_destination_path = $::acme_vault::params::cert_destination_path, $domains = $::acme_vault::params::domains, diff --git a/manifests/params.pp b/manifests/params.pp index 7bdba84..8f5f559 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -13,6 +13,7 @@ class acme_vault::params { $acme_revision = 'HEAD' $acme_repo_path = "$home_dir/acme.sh" $acme_script = "$acme_repo_path/acme.sh" + $vault_prefix = '/secret/letsencrypt/' # domains list TODO should be a mapping name -> domains $domains = '' diff --git a/manifests/requestor.pp b/manifests/requestor.pp index 3e21169..c8eeb9f 100644 --- a/manifests/requestor.pp +++ b/manifests/requestor.pp 
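Review bot: The new `export VAULT_PREFIX=<%= @vault_prefix %>` line in the second common.pp hunk writes the parameter into the generated bashrc fragment unquoted, so a prefix containing whitespace or shell metacharacters would be split or interpreted when the file is sourced. Quoting keeps it a single literal word: `export VAULT_PREFIX='<%= @vault_prefix %>'` (sufficient as long as the prefix contains no single quote). The context lines for VAULT_BIN, VAULT_TOKEN and VAULT_ADDR use the same unquoted pattern and would benefit from the same change. The default added in manifests/params.pp ends in a slash, so a one-line comment there saying whether consumers of VAULT_PREFIX rely on that trailing slash would help anyone overriding it. The heredoc and the class body both start outside the hunk.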
@@ -23,12 +23,19 @@ class acme_vault::requestor ( include acme_vault::common $requestor_bashrc_template = @(END) -export LEXICON_PROVIDER=<%= @lexicon_provider %> +export TLDEXTRACT_CACHE=$HOME/.tld_set +export PROVIDER=<%= @lexicon_provider %> export LEXICON_<%= @lexicon_provider.upcase %>_USERNAME=<%= @lexicon_username %> export LEXICON_<%= @lexicon_provider.upcase %>_TOKEN=<%= @lexicon_token %> END - # variables in bashrc + # install lexicon + ensure_packages(['dns-lexicon', 'PyNamecheap'], { + ensure => present, + provider => 'pip', + }) + + # variables in bashrc concat::fragment { "requestor_bashrc": target => "${home_dir}/.bashrc", content => inline_template($requestor_bashrc_template), @@ -62,6 +69,11 @@ END } ) } + cron { "${domain}_issue": + command => "${home_dir}/${domain}.sh", + user => $user, + weekday => 1, + } } } diff --git a/templates/domain.epp b/templates/domain.epp index bd7691a..6ba73eb 100644 --- a/templates/domain.epp +++ b/templates/domain.epp @@ -11,4 +11,8 @@ <% $domains.each |$d| { -%> --domain "<%= $d %>" \ <% } -%> - + > /dev/null && \ +<%= $acme_script %> \ +--deploy \ +--domain <%= $domain %> \ +--deploy-hook vault_cli
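Review bot: The `ensure_packages` call installs `dns-lexicon` and `PyNamecheap` through pip with `ensure => present`, so each node takes whatever release the package index serves on first run and nothing records which version was reviewed. These tools presumably run with the DNS provider token exported by this same bashrc template, so an unexpected or tampered release would have access to it. Pin each package to a reviewed version, for example by passing a hash of packages so every entry carries its own `ensure => '<PINNED_VERSION>'`. Installing into a virtualenv owned by the service user rather than the system Python would also limit the blast radius. The class body starts and ends outside the hunk.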
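Review bot: The new `cron { "${domain}_issue": ... }` resource sets only `weekday => 1`, and Puppet renders unspecified cron fields as `*`, so `${home_dir}/${domain}.sh` would run every minute of every Monday rather than once a week. Add explicit time fields, e.g. `hour => 3,` and `minute => fqdn_rand(60, $domain),` (constructed example values). That way each domain runs once and the nodes do not all contact the CA and Vault at the same moment. The enclosing loop and class start outside the hunk.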
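Review bot: The added `--domain <%= $domain %>` in templates/domain.epp is unquoted, while the context line just above renders `--domain "<%= $d %>"`. In the generated shell script, a name containing a glob character (a wildcard certificate name, for instance) would be subject to pathname expansion and word splitting. Use `--domain "<%= $domain %>" \` to match the existing lines. Separately, `> /dev/null && \` discards the issue step's standard output and skips the deploy whenever that step exits non-zero, so a short template comment saying this is intended would save the next reader from guessing. The template starts outside the hunk.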