Note that this method has started to give the following warning:

Warning: implicit hook found: lein-environ.plugin/hooks Hooks are deprecated and will be removed in a future version.

There's a ticket for this on the lein-environ github, but I don't know a real solution for it yet.

The goal: keep your database authentication details out of your Git repository.

The mechanism: environ and the lein-environ plugin.

How to do it: firstly, your dependencies should look like so:

:dependencies [[org.clojure/clojure "1.8.0"]
               [environ "1.1.0"]]
:plugins [[lein-environ "1.1.0"]]

You need both the dependency and the plugin.

To just specify a static value that always gets passed through to the code, just specify it directly in the project.clj:

:env {:daves-variable "42"}

To separate this out, you create a local profiles.clj file in your project root. You can add this to gitignore.

{:dev {:env {:database-password "xyzzy"}}}

Now from your code, you just do the following:

(ns myapp.core
  (:require [environ.core :as environ]))

(defn main []
  (println (:database-password environ/env)))

The namespace environ.core exports a var env which is a configuration map. Keys are automatically kebab cased, and Leiningen knows to merge the profiles.clj from the project root into the environment, due to the lein-environ plugin.