Before I wrote few articles how to setup hello-world project on centOS or macOS however now I'm going to work on production setup. I assume you already have you hello-world project and clean centOS environment.
Let's have a look on important moment.
Application secret
## Secret key
# http://www.playframework.com/documentation/latest/ApplicationSecret
# ~~~~~
# The secret key is used to sign Play's session cookie.
# This must be changed for production, but we don't recommend you change it in this file.
play.crypto.secret = "changeme"
There are at least 3 ways how we can use secret key on production side.
1. Secret key as a parameter
It is fine if you have simple application on 1 server, but I would not really recommend that for bigger project./path/to/hello-world -Dplay.crypto.secret="secret_token_123"
2. Environment variables
That would read variable from OS environment, otherwise default value will be used (actually the last defined one, in example below it is "chagneme").play.crypto.secret="changeme"
play.crypto.secret=${?APPLICATION_SECRET}
3. Use separate configuration file
Separate configuration is probably the best way to go.include "application"
play.crypto.secret="QCY?tAnfk?aZ?iwrNwnxIlR6CTf:G3gf:90Latabg@5241AB`R5W:1uDFN];Ik@n"
/path/to/hello-word/bin/yourapp -Dconfig.file=/path/to/production.conf
Secret tools
$ playGenerateSecret
[info] Generated new secret: G28Dze]Z4lr@Or_9DCoz;tT_yCj6opKkkIh27K>[0l_NT9lZaFfs?=zx[Wulz>cX
[success] Total time: 0 s, completed Jan 11, 2017 6:24:12 PM
$ playUpdateSecret
[info] Generated new secret: QmJ?udauJgDj34AYifbprJvbT5I8^Vw1MY0WmbYRscZmAOotkalbhXbIs^48_Uc9
[info] Updating application secret in /Users/dpa/git/eqa-app/conf/application.conf
[info] Replacing old application secret: changeme
[success] Total time: 0 s, completed Jan 11, 2017 9:22:06 PM