# profiles::puppet::eyaml
class profiles::puppet::eyaml (
  String $privatekey = '',
  String $publickey = '',
) {

  # create the /var/lib/puppet/keys directory
  file { '/var/lib/puppet':
    ensure => 'directory',
    owner  => 'puppet',
    group  => 'root',
    mode   => '0755',
  }
  file { '/var/lib/puppet/keys':
    ensure  => 'directory',
    owner   => 'puppet',
    group   => 'root',
    mode    => '0755',
    require => File['/var/lib/puppet']
  }
  # manage the eyaml private key
  file { '/var/lib/puppet/keys/private_key.pkcs7.pem':
    ensure  => 'file',
    owner   => 'puppet',
    group   => 'root',
    mode    => '0400',
    content => Sensitive($privatekey),
    before  => Service['puppetserver'],
    require => File['/var/lib/puppet/keys'],
  }
  # manage the eyaml private key
  file { '/var/lib/puppet/keys/public_key.pkcs7.pem':
    ensure  => 'file',
    owner   => 'puppet',
    group   => 'root',
    mode    => '0400',
    content => Sensitive($publickey),
    before  => Service['puppetserver'],
    require => File['/var/lib/puppet/keys'],
  }
}