diff --git a/docs/configuration.md b/docs/configuration.md
index 202db6103..4d48c3d38 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -86,12 +86,8 @@ gSuite:
 
 For fully-featured production environments that need the full range of features
 (e.g. RDE, correct contact information on the registrar console, etc.) you will
-need to provide configuration for the settings in the following sections:
-
-* `appEngine:`
-* `gSuite:`
-* `registryPolicy:`
-* `registrarConsole:`
+need to specify more settings. The `nomulus-config-production-sample.yaml` file
+contains an exhaustive list of all settings to override.
 
 From a code perspective, all configuration settings ultimately come through the
 `[RegistryConfig][registry-config]` class. This includes a Dagger module called
diff --git a/java/google/registry/config/RegistryConfig.java b/java/google/registry/config/RegistryConfig.java
index c5650e53a..a63661ad4 100644
--- a/java/google/registry/config/RegistryConfig.java
+++ b/java/google/registry/config/RegistryConfig.java
@@ -284,20 +284,6 @@ public final class RegistryConfig {
       return Duration.standardDays(7);
     }
 
-    /**
-     * Returns {@code true} if the target zone should be created in DNS if it does not exist.
-     */
-    @Provides
-    @Config("dnsCreateZone")
-    public static boolean provideDnsCreateZone(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-          return false;
-        default:
-          return true;
-      }
-    }
-
     /**
      * The maximum number of domain and host updates to batch together to send to
      * PublishDnsUpdatesAction, to avoid exceeding AppEngine's limits.
@@ -409,13 +395,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("tmchCaMode")
-    public static TmchCaMode provideTmchCaMode() {
-      switch (RegistryEnvironment.get()) {
-        case PRODUCTION:
-          return TmchCaMode.PRODUCTION;
-        default:
-          return TmchCaMode.PILOT;
-      }
+    public static TmchCaMode provideTmchCaMode(RegistryConfigSettings config) {
+      return TmchCaMode.valueOf(config.registryPolicy.tmchCaMode);
     }
 
     /** The mode that the {@code TmchCertificateAuthority} operates in. */
@@ -440,13 +421,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("tmchCrlUrl")
-    public static URL provideTmchCrlUrl(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-          return makeUrl("http://crl.icann.org/tmch.crl");
-        default:
-          return makeUrl("http://crl.icann.org/tmch_pilot.crl");
-      }
+    public static URL provideTmchCrlUrl(RegistryConfigSettings config) {
+      return makeUrl(config.registryPolicy.tmchCrlUrl);
     }
 
     /**
@@ -459,14 +435,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("tmchMarksdbUrl")
-    public static String provideTmchMarksdbUrl(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-        case UNITTEST:
-          return "https://ry.marksdb.org";
-        default:
-          return "https://test.ry.marksdb.org";
-      }
+    public static String provideTmchMarksdbUrl(RegistryConfigSettings config) {
+      return config.registryPolicy.tmchMarksDbUrl;
     }
 
     /**
@@ -558,13 +528,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("rdeReportUrlPrefix")
-    public static String provideRdeReportUrlPrefix(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-          return "https://ry-api.icann.org/report/registry-escrow-report";
-        default:
-          return "https://test-ry-api.icann.org:8543/report/registry-escrow-report";
-      }
+    public static String provideRdeReportUrlPrefix(RegistryConfigSettings config) {
+      return config.rde.reportUrlPrefix;
     }
 
     /**
@@ -638,13 +603,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("rdeUploadUrl")
-    public static URI provideRdeUploadUrl(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-          return URI.create("sftp://GoogleTLD@sftpipm2.ironmountain.com/Outbox");
-        default:
-          return URI.create("sftp://google@ppftpipm.ironmountain.com/Outbox");
-      }
+    public static URI provideRdeUploadUrl(RegistryConfigSettings config) {
+      return URI.create(config.rde.uploadUrl);
     }
 
     /**
@@ -678,20 +638,8 @@ public final class RegistryConfig {
      */
     @Provides
     @Config("sheetRegistrarId")
-    public static Optional<String> provideSheetRegistrarId(RegistryEnvironment environment) {
-      switch (environment) {
-        case PRODUCTION:
-          return Optional.of("1n2Gflqsgo9iDXcdt9VEskOVySZ8qIhQHJgjqsleCKdE");
-        case ALPHA:
-        case CRASH:
-          return Optional.of("16BwRt6v11Iw-HujCbAkmMxqw3sUG13B8lmXLo-uJTsE");
-        case SANDBOX:
-          return Optional.of("1TlR_UMCtfpkxT9oUEoF5JEbIvdWNkLRuURltFkJ_7_8");
-        case QA:
-          return Optional.of("1RoY1XZhLLwqBkrz0WbEtaT9CU6c8nUAXfId5BtM837o");
-        default:
-          return Optional.absent();
-      }
+    public static Optional<String> provideSheetRegistrarId(RegistryConfigSettings config) {
+      return Optional.fromNullable(config.misc.sheetExportId);
     }
 
     /**
diff --git a/java/google/registry/config/RegistryConfigSettings.java b/java/google/registry/config/RegistryConfigSettings.java
index d8806e410..76bc7bbdc 100644
--- a/java/google/registry/config/RegistryConfigSettings.java
+++ b/java/google/registry/config/RegistryConfigSettings.java
@@ -1,11 +1,11 @@
 // Copyright 2017 The Nomulus Authors. All Rights Reserved.
-// 
+//
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
-// 
+//
 //     http://www.apache.org/licenses/LICENSE-2.0
-// 
+//
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -23,8 +23,10 @@ public class RegistryConfigSettings {
   public GSuite gSuite;
   public RegistryPolicy registryPolicy;
   public Datastore datastore;
+  public Rde rde;
   public RegistrarConsole registrarConsole;
   public Monitoring monitoring;
+  public Misc misc;
 
   /** Configuration options that apply to the entire App Engine project. */
   public static class AppEngine {
@@ -46,6 +48,9 @@ public class RegistryConfigSettings {
     public List<String> registrarChangesNotificationEmailAddresses;
     public String defaultRegistrarWhoisServer;
     public String defaultRegistrarReferralUrl;
+    public String tmchCaMode;
+    public String tmchCrlUrl;
+    public String tmchMarksDbUrl;
   }
 
   /** Configuration for Cloud Datastore. */
@@ -54,6 +59,12 @@ public class RegistryConfigSettings {
     public int eppResourceIndexBucketsNum;
   }
 
+  /** Configuration for Registry Data Escrow (RDE). */
+  public static class Rde {
+    public String reportUrlPrefix;
+    public String uploadUrl;
+  }
+
   /** Configuration for the web-based registrar console. */
   public static class RegistrarConsole {
     public String logoFilename;
@@ -70,4 +81,9 @@ public class RegistryConfigSettings {
     public int stackdriverMaxPointsPerRequest;
     public int writeIntervalSeconds;
   }
+
+  /** Miscellaneous configuration that doesn't quite fit in anywhere else. */
+  public static class Misc {
+    public String sheetExportId;
+  }
 }
diff --git a/java/google/registry/config/default-config.yaml b/java/google/registry/config/default-config.yaml
index 0d83b7ea2..4100edd19 100644
--- a/java/google/registry/config/default-config.yaml
+++ b/java/google/registry/config/default-config.yaml
@@ -1,7 +1,9 @@
 # This is the default configuration file for Nomulus. Do not make changes to it
 # unless you are writing new features that requires you to. To customize an
 # individual deployment or environment, create a nomulus-config.yaml file in the
-# WEB-INF/ directory overriding only the values you wish to change.
+# WEB-INF/ directory overriding only the values you wish to change. You may need
+# to override some of these values to configure and enable some services used in
+# production environments.
 
 appEngine:
   # Globally unique App Engine project ID
@@ -36,6 +38,16 @@ registryPolicy:
   # Default referral URL used when not changed by a registrar.
   defaultRegistrarReferralUrl: https://www.domain-registry.example
 
+  # Mode TMCH should run in (PRODUCTION for production environments, PILOT for
+  # all others including sandbox).
+  tmchCaMode: PILOT
+
+  # URL for the ICANN TMCH Certificate Revocation List.
+  tmchCrlUrl: http://crl.icann.org/tmch_pilot.crl
+
+  # URL for the MarksDB registry interface.
+  tmchMarksDbUrl: https://test.ry.marksdb.org
+
 datastore:
   # Number of commit log buckets in Datastore. Don't change after initial
   # install.
@@ -45,6 +57,16 @@ datastore:
   # initial install.
   eppResourceIndexBucketsNum: 997
 
+
+rde:
+  # URL prefix of ICANN's server to upload RDE reports to. Nomulus adds /TLD/ID
+  # to the end of this to construct the full URL.
+  reportUrlPrefix: https://test-ry-api.icann.org:8543/report/registry-escrow-report
+
+  # SFTP URL to which RDE deposits are uploaded. This should contain a username
+  # but not the password.
+  uploadUrl: sftp://username@rde-provider.example
+
 registrarConsole:
   # Filename of the logo to use in the header of the console. This filename is
   # relative to ui/assets/images/
@@ -76,3 +98,8 @@ monitoring:
 
   # How often metrics are exported to BigQuery.
   writeIntervalSeconds: 60
+
+misc:
+  # The ID of the Google Sheet (as found in the URL) to export registrar details
+  # to. Leave this null to disable syncing.
+  sheetExportId: null
diff --git a/java/google/registry/config/nomulus-config-production-sample.yaml b/java/google/registry/config/nomulus-config-production-sample.yaml
new file mode 100644
index 000000000..b8c7e06f4
--- /dev/null
+++ b/java/google/registry/config/nomulus-config-production-sample.yaml
@@ -0,0 +1,39 @@
+# This is a sample production config (to be deployed in the WEB-INF directory).
+# This is the same as what Google Registry runs in production, except with
+# placeholders for Google-specific settings.
+
+appEngine:
+  projectId: placeholder
+
+gSuite:
+  domainName: placeholder
+  outgoingEmailDisplayName: placeholder
+  outgoingEmailAddress: placeholder
+  adminAccountEmailAddress: placeholder
+
+registryPolicy:
+  contactAndHostRoidSuffix: placeholder
+  productName: placeholder
+  registrarChangesNotificationEmailAddresses:
+    - placeholder
+    - placeholder
+  defaultRegistrarWhoisServer: placeholder
+  defaultRegistrarReferralUrl: placeholder
+  tmchCaMode: PRODUCTION
+  tmchCrlUrl: http://crl.icann.org/tmch.crl
+  tmchMarksDbUrl: https://ry.marksdb.org
+
+rde:
+  reportUrlPrefix: https://ry-api.icann.org/report/registry-escrow-report
+  uploadUrl: sftp://placeholder@sftpipm2.ironmountain.com/Outbox
+
+registrarConsole:
+  logoFilename: placeholder
+  supportPhoneNumber: placeholder
+  supportEmailAddress: placeholder
+  announcementsEmailAddress: placeholder
+  integrationEmailAddress: placeholder
+  technicalDocsUrl: https://drive.google.com/drive/folders/placeholder
+
+misc:
+  sheetExportId: placeholder