A CSR can already have the domains (CN & SAN, although SAN must always contain the CN) embedded.
In that case an option for using those domains automatically (not requiring --domain) would be desirable.

That way you can generate working CSRs and use letsencrypt-rs without any configuration (except for where the files are of course).