diff --git a/letsencrypt-renew.sh b/letsencrypt-renew.sh
index 099df7d..c767a1a 100755
--- a/letsencrypt-renew.sh
+++ b/letsencrypt-renew.sh
@@ -7,17 +7,17 @@ for inifile in cli-*.ini; do
 	# Strip domain out of filename
 	domain=${inifile:4:-4}
 
-# sleep for a random time so not all certificates get renewed at the same time
-sleep 473
+	# sleep for a random time so not all certificates get renewed at the same time
+	sleep 473
 
-# Check validity of cert for domain
-openssl x509 -checkend $(( 21 * 86400 )) -in ~/.config/letsencrypt/live/${domain}/cert.pem > /dev/null
+	# Check validity of cert for domain
+	openssl x509 -checkend $(( 21 * 86400 )) -in ~/.config/letsencrypt/live/${domain}/cert.pem > /dev/null
 
-if [ \$? != 0 ]; then
-	# run let's encrypt
-	letsencrypt certonly -c ~/.config/letsencrypt/cli-${domain}.ini
-	# import certificate
-	uberspace-add-certificate -k ~/.config/letsencrypt/live/${domain}/privkey.pem -c ~/.config/letsencrypt/live/${domain}/cert.pem
-fi
+	if [ \$? != 0 ]; then
+		# run let's encrypt
+		letsencrypt certonly -c ~/.config/letsencrypt/cli-${domain}.ini
+		# import certificate
+		uberspace-add-certificate -k ~/.config/letsencrypt/live/${domain}/privkey.pem -c ~/.config/letsencrypt/live/${domain}/cert.pem
+	fi
 
 done