diff --git a/README.md b/README.md
index d3bdd3657801e43fa623a40872e8e730b5f931a5..9e0d5c2555be380b5de3237ada68c5c3be22ba59 100644
--- a/README.md
+++ b/README.md
@@ -4,22 +4,22 @@ This playbook is used to install ContainerLab on a VM, and test network configur
 
 To run this playbook:
 ```
-ansible-playbook -i $the-vm-you-want-to-configure, playbook.yml -e "username=$your-username-on-registry" -e "secret_token=$your-secret-tocken" -k
+ansible-playbook -i $the-vm-you-want-to-configure, playbook.yml -k
 ```
 Please note the comma after the target. 
 
-Consider that the Docker repository and the username to login on the box are hardcoded in the playbook: 
+Consider that the Docker repository and the username to login on the box are passed through environment variables: 
 
 ```
 - name: Install Docker and ContainerLab
   hosts: all
   become: true
-  vars:
+  vars: 
     docker:
-      registry_url: gitlab.geant.net:5005/docker/ci_registry   <<<<<<<<<<<<<<<<
-      username: "{{username }}"
-      private_token: "{{ secret_token}}"
-    nat_user: nat                 <<<<<<<<<<<<<<<<
+      registry_url: gitlab.geant.net:5005/docker/ci_registry
+      username: "{{ lookup('ansible.builtin.env', 'GITLAB_USER' }}"
+      private_token: "{{ lookup('ansible.builtin.env', 'GITLAB_TOKEN' }}"
+    nat_user: nat   <<<<<<<< username is hardcoded
   roles:
     - docker
     - containerlab
diff --git a/playbook.yml b/playbook.yml
index 83daf79e0e27dfe7c79017cba10dc5ac0dca1492..6d585003d018a2730ee92def17793f969359cc38 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -4,8 +4,8 @@
   vars: 
     docker:
       registry_url: gitlab.geant.net:5005/docker/ci_registry
-      username: "{{username }}"
-      private_token: "{{ secret_token}}"
+      username: "{{ lookup('ansible.builtin.env', 'GITLAB_USER' }}"
+      private_token: "{{ lookup('ansible.builtin.env', 'GITLAB_TOKEN' }}"
     nat_user: nat
   roles:
     - docker