# profiles::pki::puppetcerts
class profiles::pki::puppetcerts {

  # Define the directory
  file { '/etc/pki/tls/puppet':
    ensure => 'directory',
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  # Copy the CA certificate
  file { '/etc/pki/tls/puppet/ca.pem':
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    source  => '/etc/puppetlabs/puppet/ssl/certs/ca.pem',
    require => File['/etc/pki/tls/puppet'],
  }

  # Copy the private key
  file { "/etc/pki/tls/puppet/${facts['networking']['fqdn']}.key":
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0600',
    source  => "/etc/puppetlabs/puppet/ssl/private_keys/${facts['networking']['fqdn']}.pem",
    require => File['/etc/pki/tls/puppet'],
  }

  # Copy the certificate
  $cert = "/etc/puppetlabs/puppet/ssl/certs/${facts['networking']['fqdn']}.pem"
  file { "/etc/pki/tls/puppet/${facts['networking']['fqdn']}.crt":
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    source  => "/etc/puppetlabs/puppet/ssl/certs/${facts['networking']['fqdn']}.pem",
    require => File['/etc/pki/tls/puppet'],
  }
}