diff --git a/Dockerfile b/Dockerfile
index 4a40e339..53cac5f3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,6 +21,10 @@ COPY --from=builder /workspace/bin/ciam-rebac /usr/local/bin/
 COPY --from=builder /workspace/configs/config.yaml /usr/local/bin/
 
 ENV SPICEDB_PRESHARED $SPICEDB_PRESHARED
+ENV SPICEDB_ENDPOINT $SPICEDB_ENDPOINT
+ENV SPICEDB_HTTPADDR $SPICEDB_HTTPADDR
+ENV SPICEDB_GRPCADDR $SPICEDB_GRPCADDR
+
 EXPOSE 8000
 EXPOSE 9000
 
diff --git a/README.md b/README.md
index ac3a07f3..24521410 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,10 @@ cd cmd/server
 wire
 ```
 
+## Run Rebac service with env
+
+`docker run -e SPICEDB_PRESHARED=foobar -e SPICEDB_HTTPADDR=0.0.0.0:8001 quay.io/ciam_authz/insights-rebac`
+
 ## Spicedb using docker/podman
 
 ## Run the spicedb
diff --git a/cmd/ciam-rebac/main.go b/cmd/ciam-rebac/main.go
index e8a90f85..18e17fa3 100644
--- a/cmd/ciam-rebac/main.go
+++ b/cmd/ciam-rebac/main.go
@@ -76,14 +76,6 @@ func main() {
 		panic(err)
 	}
 
-	preshared, err := c.Value("PRESHARED").String()
-	if err != nil {
-		log.NewHelper(logger).Errorf("Failed to read preshared key env %d", err)
-	}
-	if preshared != "" {
-		bc.Data.SpiceDb.Token = preshared
-	}
-
 	app, cleanup, err := wireApp(bc.Server, bc.Data, logger)
 	if err != nil {
 		panic(err)
diff --git a/configs/config.yaml b/configs/config.yaml
index 241e6e28..66287c96 100644
--- a/configs/config.yaml
+++ b/configs/config.yaml
@@ -1,12 +1,12 @@
 server:
   http:
-    addr: 0.0.0.0:8000
+    addr: "${HTTPADDR:0.0.0.0:8000}"
     timeout: 1s
   grpc:
-    addr: 0.0.0.0:9000
+    addr: "${GRPCADDR:0.0.0.0:9000}"
     timeout: 1s
 data:
   spiceDb:
     useTLS: false
-    endpoint: spicedb:50051
-    token: "${SPICEDB_PRESHARED:foobar}"
+    endpoint: "${ENDPOINT:spicedb:50051}"
+    token: "${PRESHARED:foobar}"