# Configuration

**Environment Variables**

**You MUST put sensitive information into .env files**

Use .env files to store any secure information and retrieve it via **env** function. There should be no instance on which you will put it inside models/controllers and commit it to Git.

Good

// .env

`API_HOST=https://example.com/api`

`API_USERNAME=myuser`

`API_PASSWORD=secret`

// access the value from app/config.php file

`return [`

&#x20;`...`

&#x20;`'api_host' => env('API_HOST', 'https://defaultdomain.com')`

&#x20;`'api_username' => env('API_USER', 'defaultuser')`

&#x20;`'api_password' => env('API_USER', 'defaultpassword')`

&#x20;`...`

`]`

Bad

`define('API_HOST', 'https://defaultdomain.com');`

`define('API_USERNAME', 'defaultuser');`

`define('API_PASSWORD', 'defaultpassword');`

`class DomainController extends Controller`

`{`

&#x20;`public function index()`

&#x20;`{`

&#x20;`$api_username`

&#x20;`}`

**your application key MUST be set. This is the APP\_KEY variable in your .env file. You can generate one via**

`php artisan key:generate`

**Package Configuration**

**Custom or Package configuration filename MUST be in snake\_case**

Good

`config/my_config.php`

Bad

`config/MyConfig.php`

**Config and language files indexes SHOULD be in snake\_case**

Good

// config/myconfig.php

`return [`

&#x20;`'my_api' => [`

&#x20;`'domain' => env('API_DOMAIN'),`

&#x20;`'secret' => env('API_SECRET'),`

&#x20;`],`

Bad

// config/myconfig.php

`return [`

&#x20;`'MyApi' => [`

&#x20;`'DOMAIN' => env('API_DOMAIN'),`

&#x20;`'SECRET' => env('API_SECRET'),`

&#x20;`],`

*The best way to figure out if you have implemented best-practice in configuring your app, is if the codebase could be made open source at any moment without compromising any credentials*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sops.larasoft.io/laravel-sops/configuration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.