diff --git a/.env b/.env
index eafd2a9..ba5541e 100644
--- a/.env
+++ b/.env
@@ -25,7 +25,15 @@ APP_SECRET=
 #
 # DATABASE_URL="sqlite:///%kernel.project_dir%/var/data_%kernel.environment%.db"
 # DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4"
-DATABASE_URL="mysql://escapepage:b.0nqrxJ%%2FD%%2ALuf9N@localhost:3306/escapepage?serverVersion=8.0.32&charset=utf8mb4"
+DB_DRIVER=pdo_mysql
+DB_SERVER_VERSION=8.0.32
+DB_CHARSET=utf8mb4
+DB_USER=escapepage
+DB_PASSWORD="b.0nqrxJ/D*Luf9N"
+DB_HOST=localhost
+DB_PORT=3306
+DB_NAME=escapepage
+DATABASE_URL="${DB_DRIVER}://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?serverVersion=${DB_SERVER_VERSION}&charset=${DB_CHARSET}"
 ###< doctrine/doctrine-bundle ###
 
 ###> symfony/messenger ###
@@ -58,6 +66,8 @@ MERCURE_URL=http://mercure/.well-known/mercure
 MERCURE_PUBLIC_URL=http://localhost:8090/.well-known/mercure
 # Shared secret for signing JWTs (dev only). In prod, set via real env/secrets.
 MERCURE_JWT_SECRET=!ChangeThisMercureJWTSignedBySymfonySecretKey!
-# Base URL for Mercure topics. Use .dev in development; override to .com in prod via .env.prod or real env.
+# CORS allowed origins (default)
+MERCURE_CORS_ALLOWED_ORIGINS=http://localhost:8080
+# Base URL for Mercure topics.
 MERCURE_TOPIC_BASE=https://escapepage.dev
 ###< mercure ###
diff --git a/.gitignore b/.gitignore
index d7d6746..2182434 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,9 +3,6 @@
 /.env.local
 /.env.local.php
 /.env.*.local
-/.env.dev
-/.env.prod
-/.env.test
 /config/secrets/prod/prod.decrypt.private.php
 /public/bundles/
 /var/
diff --git a/compose.yaml b/compose.yaml
index 21181f3..6b45d88 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -7,11 +7,11 @@ services:
     environment:
       # Uncomment the following line to disable HTTPS,
       #SERVER_NAME: ':80'
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
+      MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_JWT_SECRET}
+      MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_JWT_SECRET}
       # Set the URL of your Symfony project (without trailing slash!) as value of the cors_origins directive
       MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins http://localhost:8080
+        cors_origins ${MERCURE_CORS_ALLOWED_ORIGINS:-http://localhost:8080}
     # Comment the following line to disable the development mode
     command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
     healthcheck:
diff --git a/config/packages/doctrine.yaml b/config/packages/doctrine.yaml
index 8e0dbc1..72897be 100644
--- a/config/packages/doctrine.yaml
+++ b/config/packages/doctrine.yaml
@@ -1,6 +1,14 @@
 doctrine:
     dbal:
-        url: '%env(resolve:DATABASE_URL)%'
+        # url: '%env(resolve:DATABASE_URL)%'
+        driver: '%env(DB_DRIVER)%'
+        server_version: '%env(DB_SERVER_VERSION)%'
+        host: '%env(DB_HOST)%'
+        port: '%env(DB_PORT)%'
+        user: '%env(DB_USER)%'
+        password: '%env(DB_PASSWORD)%'
+        dbname: '%env(DB_NAME)%'
+        charset: '%env(DB_CHARSET)%'
 
         # IMPORTANT: You MUST configure your server version,
         # either here or in the DATABASE_URL env var (see .env file)
diff --git a/docker/compose.yaml b/docker/compose.yaml
index 23b5f35..50205a9 100644
--- a/docker/compose.yaml
+++ b/docker/compose.yaml
@@ -63,12 +63,12 @@ services:
     container_name: escapepage-mercure
     environment:
       SERVER_NAME: ":80"
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
-      MERCURE_CORS_ALLOWED_ORIGINS: http://localhost:8080
-      MERCURE_PUBLISH_ALLOWED_ORIGINS: http://localhost:8080
+      MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_JWT_SECRET}
+      MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_JWT_SECRET}
+      MERCURE_CORS_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS:-http://localhost:8080}
+      MERCURE_PUBLISH_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS:-http://localhost:8080}
       MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins http://localhost:8080
+        cors_origins ${MERCURE_CORS_ALLOWED_ORIGINS:-http://localhost:8080}
         # Allow anonymous subscribers in dev only
         anonymous
     ports:
@@ -82,9 +82,9 @@ services:
     image: mysql:8.0
     container_name: escapepage-db
     environment:
-      MYSQL_DATABASE: ${MYSQL_DATABASE:-app}
-      MYSQL_USER: ${MYSQL_USER:-app}
-      MYSQL_PASSWORD: ${MYSQL_PASSWORD:-!ChangeMe!}
+      MYSQL_DATABASE: ${DB_NAME:-app}
+      MYSQL_USER: ${DB_USER:-app}
+      MYSQL_PASSWORD: ${DB_PASSWORD:-!ChangeMe!}
       MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-root}
     healthcheck:
       test: ["CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "-uroot", "-p${MYSQL_ROOT_PASSWORD:-root}"]