diff --git a/configs/.env.development b/configs/.env.development
index 5afce8f17..0362d2600 100644
--- a/configs/.env.development
+++ b/configs/.env.development
@@ -3,26 +3,43 @@ AWS_ACCESS_KEY_ID=AKIAJXF6CNCWBWNX7JZQ
 AWS_SECRET_ACCESS_KEY=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
 CONTAINER_STOP_LIMIT=10
 DOCKER_IMAGE_BUILDER_CACHE=/git-cache
-DOMAIN=localhost:3001
+DOMAIN=localhost:3000
 FULL_API_DOMAIN=http://localhost:3030
 GITHUB_CALLBACK_URL=http://localhost:3030/auth/github/callback
 GITHUB_CLIENT_ID=043ad89560d61420ea9e
 GITHUB_CLIENT_SECRET=2f093b482a760730d639d11fac20fe963a412bcb
-GITHUB_DEPLOY_KEYS_BUCKET=runnable.deploykeys.development
+GITHUB_DEPLOY_KEYS_BUCKET=runnable.deploykeys.production-gamma
 GITHUB_DEPLOY_KEYS_POOL_SIZE=10
 GITHUB_DEPLOY_KEY_TITLE=Runnable-development
 GITHUB_HOOK_SECRET=3V3RYTHINGisAW3S0ME!
 KRAIN_PORT=3100
 LOG_SRC=true
-MONGO=mongodb://127.0.0.1:27017/runnable2
+MONGO=mongodb://api:[REPLACEME]@127.0.0.1:27020/gamma
 OPTIMUS_HOST=optimus-staging-CodeNow.runnableapp.com
 OPTIMUS_PORT=80
 PORT=3030
 RABBITMQ_HOSTNAME=localhost
+RABBITMQ_PORT=5672
 RABBITMQ_PASSWORD=guest
 RABBITMQ_USERNAME=guest
 REDIS_IPADDRESS=127.0.0.1
 REDIS_PORT=6379
-S3_CONTEXT_RESOURCE_BUCKET=runnable.context.resources.development
+S3_CONTEXT_RESOURCE_BUCKET=runnable.context.resources.production-gamma
+SENDGRID_KEY=SG.TOTALLYaFAKEkey
 ALLOW_ALL_CORS=true
+BIG_POPPA_HOST=localhost:7788
+VALID_REDIR_TLDS=localhost
+# used by new relic npm module
+NEW_RELIC_TRACER_ENABLED=false
+NUM_WORKERS=1
+USER_CONTENT_DOMAIN=runnable.ninja
+RABBITMQ_HOSTNAME=localhost
+VALID_REDIR_TLDS=runnable-gamma.com,runnable.ninja
+WEB_URL=https://app.runnable-gamma.com
+SWARM_HOST=http://localhost:52375
+IS_QUEUE_WORKER=true
+GITHUB_VARNISH_HOST=api.github.com
+GITHUB_VARNISH_PORT=443
+GITHUB_PROTOCOL=https
 AWS_ALIAS_HOST=us-west-2.compute.internal
+GITHUB_WEBHOOK_URL=http://drake.runnable-gamma.com/github
diff --git a/lib/express-app.js b/lib/express-app.js
index 56db01a69..a761f6bbd 100644
--- a/lib/express-app.js
+++ b/lib/express-app.js
@@ -38,8 +38,11 @@ app.use(passport.initialize({ userProperty: 'sessionUser' }))
 app.use(passport.session())
 
 // Add CSRF protection!
-app.use(csrf.csrfValidator)
-app.use(csrf.csrfCookieInjector)
+
+if (!envIs('development')) {
+  app.use(csrf.csrfValidator)
+  app.use(csrf.csrfCookieInjector)
+}
 
 /**
  * Attach session properties and request body (if present) to domain