diff --git a/.deployment/production/production.secrets.env b/.deployment/production/production.secrets.env
index 28ec94a..5693223 100644
Binary files a/.deployment/production/production.secrets.env and b/.deployment/production/production.secrets.env differ
diff --git a/pluralityspace/settings.py b/pluralityspace/settings.py
index d5c572a..a3efc8e 100644
--- a/pluralityspace/settings.py
+++ b/pluralityspace/settings.py
@@ -20,13 +20,12 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-# TODO change this (issue #2)
-SECRET_KEY = 'pf2m=go(3m85v*@&i@$t_5&ocgth@pi1abhqito1*q8d&m&r-#'
+SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'local-development-secret')
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = int(os.environ.get('DJANGO_DEBUG', True))
 
-ALLOWED_HOSTS = ['localhost', 'plurality.space']
+ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', 'localhost').split(' ')
 
 
 # Application definition
@@ -76,8 +75,12 @@ WSGI_APPLICATION = 'pluralityspace.wsgi.application'
 
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+        'ENGINE': 'django.db.backends.' + os.environ.get('SQL_ENGINE', 'sqlite3'),
+        'NAME': os.environ.get('SQL_DATABASE', os.path.join(BASE_DIR, 'db.sqlite3')),
+        'HOST': os.environ.get('SQL_HOST', ''),
+        'PORT': os.environ.get('SQL_PORT', ''),
+        'USER': os.environ.get('SQL_USER', ''),
+        'PASSWORD': os.environ.get('SQL_PASSWORD', ''),
     }
 }