Configuration

Configuration usually involves different application parts (such as infrastructure and security credentials) and different environments (development, production). That's why Symfony recommends that you split the application configuration into three parts.

By default, Symfony adds these types of options to the .env file when installing new dependencies in the app:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
# .env
###> doctrine/doctrine-bundle ###
DATABASE_URL=sqlite:///%kernel.project_dir%/var/data/blog.sqlite
###< doctrine/doctrine-bundle ###

###> symfony/swiftmailer-bundle ###
MAILER_URL=smtp://localhost?encryption=ssl&auth_mode=login&username=&password=
###< symfony/swiftmailer-bundle ###

# ...

These options aren't defined inside the config/services.yaml file because they have nothing to do with the application's behavior. In other words, your application doesn't care about the location of your database or the credentials to access to it, as long as the database is correctly configured.

To override these variables with machine-specific or sensitive values, create a .env.local file. This file should not be added to version control.

Caution

Beware that dumping the contents of the $_SERVER and $_ENV variables or outputting the phpinfo() contents will display the values of the environment variables, exposing sensitive information such as the database credentials.

Canonical Parameters

Best Practice

Define all your application's env vars in the .env file.

Symfony includes a configuration file called .env at the project root, which stores the canonical list of environment variables for the application. This file should be stored in version control and so should only contain non-sensitive default values.

Caution

Applications created before November 2018 had a slightly different system, involving a .env.dist file. For information about upgrading, see: Nov 2018 Changes to .env & How to Update.