diff --git a/Cargo.toml b/Cargo.toml
index 59a7f8a..a767cf3 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "api"
-version = "0.9.0-dev"
+version = "0.9.5-dev"
 edition = "2018"
 license = "AGPL-3.0-or-later"
 authors = ["Denys Konovalov <denys.konovalov@protonmail.com>"]
diff --git a/src/indiware_connector.rs b/src/indiware_connector.rs
index 2d821ec..f267ade 100644
--- a/src/indiware_connector.rs
+++ b/src/indiware_connector.rs
@@ -5,6 +5,7 @@ use diesel::{Insertable, Queryable};
 use quickxml_to_serde::{xml_string_to_json, Config};
 use serde_derive::{Deserialize, Serialize};
 use serde_json::{json, Map};
+use std::env;
 
 #[derive(Queryable, Serialize, Insertable, Deserialize, Clone)]
 #[table_name = "timetable"]
@@ -32,8 +33,18 @@ pub struct Lesson {
 async fn get_timetable_xml(url: &str) -> serde_json::value::Value {
     let client = reqwest::Client::new();
     let resp = client
-        .get(format!("{}/{}", config::TIMETABLE_URL, url))
-        .basic_auth(config::TIMETABLE_USER, config::TIMETABLE_PASSWORD)
+        .get(format!(
+            "{}/{}",
+            env::var("IW_TIMETABLE_URL").unwrap_or(config::IW_TIMETABLE_URL.to_string()),
+            url
+        ))
+        .basic_auth(
+            env::var("IW_TIMETABLE_USER").unwrap_or(config::IW_TIMETABLE_USER.to_string()),
+            Some(
+                env::var("IW_TIMETABLE_PASSWORD")
+                    .unwrap_or(config::IW_TIMETABLE_PASSWORD.to_string()),
+            ),
+        )
         .send()
         .await
         .unwrap()
diff --git a/src/keycloak_connector.rs b/src/keycloak_connector.rs
index abd4304..932d6e9 100644
--- a/src/keycloak_connector.rs
+++ b/src/keycloak_connector.rs
@@ -7,6 +7,7 @@ use jsonwebtoken::{encode, EncodingKey, Header};
 use rocket::{response::status, serde::json::Json};
 use serde_derive::{Deserialize, Serialize};
 use serde_json::json;
+use std::env;
 use std::error::Error;
 use std::fmt::Display;
 use std::time::{Duration, SystemTime, UNIX_EPOCH};
@@ -102,11 +103,17 @@ pub async fn get_keycloak_token(
         ("username", user),
         ("password", password),
         ("totp", otp),
-        ("client_id", config::KC_CLIENT_ID.to_string()),
+        (
+            "client_id",
+            env::var("KC_CLIENT_ID").unwrap_or(config::KC_CLIENT_ID.to_string()),
+        ),
         ("grant_type", String::from("password")),
     ];
     let resp = client
-        .post(config::KC_OPENID_TOKEN_ENDPOINT)
+        .post(
+            env::var("KC_OPENID_TOKEN_ENDPOINT")
+                .unwrap_or(config::KC_OPENID_TOKEN_ENDPOINT.to_string()),
+        )
         .form(&params)
         .send()
         .await?;
@@ -116,7 +123,10 @@ pub async fn get_keycloak_token(
 pub async fn get_keycloak_userinfo(token: String) -> Result<KeycloakUser, Box<dyn Error>> {
     let client = reqwest::Client::new();
     let resp = client
-        .get(config::KC_OPENID_USERINFO_ENDPOINT)
+        .get(
+            env::var("KC_OPENID_USERINFO_ENDPOINT")
+                .unwrap_or(config::KC_OPENID_USERINFO_ENDPOINT.to_string()),
+        )
         .header("Authorization", format!("Bearer {}", token))
         .send()
         .await?
@@ -220,7 +230,7 @@ pub async fn login(
             let system_time = OffsetDateTime::now_utc();
             let datetime = system_time.format("%d/%m/%Y %T");
             let my_claims = Claims {
-                iss: String::from(config::JWT_ISSUER),
+                iss: env::var("JWT_ISSUER").unwrap_or(config::JWT_ISSUER.to_string()),
                 user: userinfo.preferred_username,
                 roles: userinfo.roles,
                 groups: userinfo.groups,
@@ -237,7 +247,11 @@ pub async fn login(
             let jwt = encode(
                 &Header::default(),
                 &my_claims,
-                &EncodingKey::from_secret(config::JWT_SECRET.as_ref()),
+                &EncodingKey::from_secret(
+                    env::var("JWT_SECRET")
+                        .unwrap_or(config::JWT_SECRET.to_string())
+                        .as_ref(),
+                ),
             );
             Ok(Json(Token {
                 outcome: (TokenStatus::Success, String::new()),
diff --git a/src/main.rs b/src/main.rs
index d557ee7..b84fa9e 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -25,6 +25,7 @@ use rocket::{
 };
 use rocket_sync_db_pools::{database, diesel::PgConnection};
 use serde_derive::{Deserialize, Serialize};
+use std::env;
 
 #[database("timetable")]
 pub struct DbConn(PgConnection);
@@ -90,7 +91,11 @@ impl<'r> FromRequest<'r> for ApiKey<'r> {
             };
             let token = decode::<Claims>(
                 key,
-                &DecodingKey::from_secret(config::JWT_SECRET.as_ref()),
+                &DecodingKey::from_secret(
+                    env::var("JWT_SECRET")
+                        .unwrap_or(config::JWT_SECRET.to_string())
+                        .as_ref(),
+                ),
                 &validation,
             );
             token.is_ok()
@@ -110,7 +115,11 @@ impl<'r> FromRequest<'r> for ApiKey<'r> {
             let teacher_permissions: Vec<String> = vec![];
             let token = decode::<Claims>(
                 key,
-                &DecodingKey::from_secret(config::JWT_SECRET.as_ref()),
+                &DecodingKey::from_secret(
+                    env::var("JWT_SECRET")
+                        .unwrap_or(config::JWT_SECRET.to_string())
+                        .as_ref(),
+                ),
                 &validation,
             );
             let token = token.unwrap();