diff --git a/.gitignore b/.gitignore
index f3598f1..a45fb6c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
 /target
 .cargo
 /result
-config.yml
+config-dev.yml
diff --git a/README.md b/README.md
index d6bc438..b601869 100644
--- a/README.md
+++ b/README.md
@@ -33,140 +33,8 @@ A statically compiled binary will be placed in the `result` directory.
 ## Configuration
 
 Domani is configured via a YAML file whose path is given on the command-line.
-The format of the YAML file, along with all default values, is as follows:
-
-```yaml
-origin:
-
-  # Path under which all origin data (i.e. git repositories, file caches,
-  # etc...) will be stored.
-  #
-  # This should be different than any other store_dir_paths.
-  #store_dir_path: REQUIRED
-
-domain:
-
-  # Path under which all domain data (i.e. domains configured by users, HTTPS
-  # certificates, etc...) will be stored.
-  #
-  # This should be different than any other store_dir_paths.
-  #store_dir_path: REQUIRED
-
-  #dns:
-
-    # Address of DNS resolver to use.
-    #resolver_addr: "1.1.1.1:53"
-
-  #acme:
-
-    # Contact email to use when creating HTTPS certificates using LetsEncrypt.
-    # This email will be used for notifying you if certificates are not being
-    # renewed.
-    #contact_email: REQUIRED if service.http.https_addr is set
-
-  # The domain name which will be used to serve the web interface of Domani. If
-  # service.http.https_addr is enabled then an HTTPS certificate for this domain
-  # will be retrieved automatically.
-  #
-  # This can be set to null to disable the web interface entirely.
-  #interface_domain: "localhost"
-
-  # builtins are domains whose configuration is built into domani. These domains
-  # are not able to be configured via the web interface, and will be hidden from
-  # it unless the `public` key is set to true.
-  #builtin_domains:
-
-    # An example built-in domain backed by a git repo.
-    #git.example.com:
-      #kind: git
-      #url: "https://somewhere.com/some/repo.git"
-      #branch_name: main
-
-      # If true then the built-in will be included in the web interface's
-      # domain list, but will not be configurable in the web interface
-      #public: false
-
-  #proxied_domains:
-
-    # An example proxied domain backed by an gemini and HTTP reverse-proxies to
-    # other backends.
-    #
-    # HTTP requests will be proxied to http_url, and gemini requests will be
-    # proxied to gemini_url. Either can be null to disable serving on that
-    # protocol.
-    #
-    # HTTP requests to the backing service will automatically have
-    # X-Forwarded-For and (if HTTPS) X-Forwarded-Proto headers added to them.
-    #
-    # Proxies are currently limited in the following ways:
-    # * http_url must be to an http endpoint (not https)
-    # * dns.resolver_addr is ignored and the system-wide dns is used
-    #
-    #example.com:
-
-      #http_url: "http://some.other.service.com"
-      #gemini_url: "gemini://some.other.service.com"
-
-      # Extra headers to add to proxied requests
-      #http_request_headers:
-      #  - name: Host
-      #    value: "yet.another.service.com"
-      #  - name: X-HEADER-TO-DELETE
-      #    value: ""
-
-      # Set to true to prevent the domain from being served over https, even if
-      # http_url is set.
-      #https_disabled: false
-
-  # External domains will have a TLS key/cert generated and signed for them, but
-  # which will not be served by domani itself. The key/cert files will be placed
-  # in the configured paths.
-  #
-  # HTTPS must be enabled for external_domains to be used.
-  #external_domains:
-    #example.com
-    #  tls_key_path: /dir/path/key.pem
-    #  tls_cert_path: /dir/path/cert.pem
-
-service:
-
-  # Passphrase which must be given by users who are configuring new domains via
-  # the web interface.
-  #passphrase: REQUIRED
-
-  # DNS records which users must add to their domain's DNS so that
-  # Domani can serve the domains. All records given must route to this Domani
-  # instance.
-  #
-  # A CNAME record with the interface_domain of this server is automatically
-  # included, if it's not null itself.
-  #dns_records:
-    #- kind: A
-    #  addr: 127.0.0.1
-
-    #- kind: AAAA
-    #  addr: ::1
-
-    # NOTE that the name given here must resolve to the Domani server.
-    #- kind: CNAME
-    #  name: domain.com
-
-  #http:
-
-    # The address to listen for HTTP requests on. This must use port 80 if
-    # https_addr is set.
-    #http_addr: "[::]:3080"
-
-    # The address to listen for HTTPS requests on. Defaults to not having HTTP
-    # enabled. You can enable HTTPS by setting this to "[::]:443".
-    #https_addr: null
-
-  #gemini:
-
-    # The address to listen for gemini requests on. Set this to null to disable
-    # gemini support.
-    #gemini_addr: "[::]:3965"
-```
+The format of the YAML file, along with all default values, can be found in the
+`config.yml` file in this repo.
 
 The YAML config file can be passed to the Domani process via the `--config-path`
 CLI parameter:
@@ -193,7 +61,7 @@ In order to open a shell with all necessary tooling (expected rust toolchain
 versions, etc...) simply do:
 
 ```
-cp config.yml.tpl config.yml
+cp config-dev.yml.tpl config-dev.yml
 nix develop
 ```
 
diff --git a/config.yml.tpl b/config-dev.yml.tpl
similarity index 100%
rename from config.yml.tpl
rename to config-dev.yml.tpl
diff --git a/config.yml b/config.yml
new file mode 100644
index 0000000..fb0adb5
--- /dev/null
+++ b/config.yml
@@ -0,0 +1,130 @@
+origin:
+
+  # Path under which all origin data (i.e. git repositories, file caches,
+  # etc...) will be stored.
+  #
+  # This should be different than any other store_dir_paths.
+  #store_dir_path: REQUIRED
+
+domain:
+
+  # Path under which all domain data (i.e. domains configured by users, HTTPS
+  # certificates, etc...) will be stored.
+  #
+  # This should be different than any other store_dir_paths.
+  #store_dir_path: REQUIRED
+
+  #dns:
+
+    # Address of DNS resolver to use.
+    #resolver_addr: "1.1.1.1:53"
+
+  #acme:
+
+    # Contact email to use when creating HTTPS certificates using LetsEncrypt.
+    # This email will be used for notifying you if certificates are not being
+    # renewed.
+    #contact_email: REQUIRED if service.http.https_addr is set
+
+  # The domain name which will be used to serve the web interface of Domani. If
+  # service.http.https_addr is enabled then an HTTPS certificate for this domain
+  # will be retrieved automatically.
+  #
+  # This can be set to null to disable the web interface entirely.
+  #interface_domain: "localhost"
+
+  # builtins are domains whose configuration is built into domani. These domains
+  # are not able to be configured via the web interface, and will be hidden from
+  # it unless the `public` key is set to true.
+  #builtin_domains:
+
+    # An example built-in domain backed by a git repo.
+    #git.example.com:
+      #kind: git
+      #url: "https://somewhere.com/some/repo.git"
+      #branch_name: main
+
+      # If true then the built-in will be included in the web interface's
+      # domain list, but will not be configurable in the web interface
+      #public: false
+
+  #proxied_domains:
+
+    # An example proxied domain backed by an gemini and HTTP reverse-proxies to
+    # other backends.
+    #
+    # HTTP requests will be proxied to http_url, and gemini requests will be
+    # proxied to gemini_url. Either can be null to disable serving on that
+    # protocol.
+    #
+    # HTTP requests to the backing service will automatically have
+    # X-Forwarded-For and (if HTTPS) X-Forwarded-Proto headers added to them.
+    #
+    # Proxies are currently limited in the following ways:
+    # * http_url must be to an http endpoint (not https)
+    # * dns.resolver_addr is ignored and the system-wide dns is used
+    #
+    #example.com:
+
+      #http_url: "http://some.other.service.com"
+      #gemini_url: "gemini://some.other.service.com"
+
+      # Extra headers to add/remove to proxied requests
+      #http_request_headers:
+      #  - name: Host
+      #    value: "yet.another.service.com"
+      #  - name: X-HEADER-TO-DELETE
+      #    value: ""
+
+      # Set to true to prevent the domain from being served over https.
+      #https_disabled: false
+
+  # External domains will have a TLS key/cert generated and signed for them, but
+  # which will not be served by domani itself. The key/cert files will be placed
+  # in the configured paths.
+  #
+  # HTTPS must be enabled for external_domains to be used.
+  #external_domains:
+    #example.com
+    #  tls_key_path: /dir/path/key.pem
+    #  tls_cert_path: /dir/path/cert.pem
+
+service:
+
+  # Passphrase which must be given by users who are configuring new domains via
+  # the web interface.
+  #passphrase: REQUIRED
+
+  # DNS records which users must add to their domain's DNS so that
+  # Domani can serve the domains. All records given must route to this Domani
+  # instance.
+  #
+  # A CNAME record with the interface_domain of this server is automatically
+  # included, if it's not null itself.
+  #dns_records:
+    #- kind: A
+    #  addr: 127.0.0.1
+
+    #- kind: AAAA
+    #  addr: ::1
+
+    # NOTE that the name given here must resolve to the Domani server.
+    #- kind: CNAME
+    #  name: domain.com
+
+  #http:
+
+    # The address to listen for HTTP requests on. This must use port 80 if
+    # https_addr is set.
+    #http_addr: "[::]:3080"
+
+    # The address to listen for HTTPS requests on. Defaults to not having HTTP
+    # enabled. You can enable HTTPS by setting this to "[::]:443".
+    #https_addr: null
+
+  #gemini:
+
+    # The address to listen for gemini requests on. Set this to null to disable
+    # gemini support.
+    #gemini_addr: "[::]:3965"
+
diff --git a/flake.nix b/flake.nix
index 096fae5..ce28751 100644
--- a/flake.nix
+++ b/flake.nix
@@ -51,7 +51,7 @@
             export CARGO_HOME=$(pwd)/.cargo
 
             if [ -f "config.yml" ]; then
-              export DOMANI_CONFIG_PATH=config.yml
+              export DOMANI_CONFIG_PATH=config-dev.yml
             fi
           '';
         } // opensslEnv);