From 94c08a9e615d8456356fbbb7038dd49b95c9340d Mon Sep 17 00:00:00 2001
From: "Antonio J. Delgado" <ad@susurrando.com>
Date: Mon, 7 Nov 2022 15:08:39 +0200
Subject: [PATCH] add hiera-eyaml

---
 tasks/configure.yml | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/tasks/configure.yml b/tasks/configure.yml
index 07f4bb2..e0b7201 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -137,4 +137,33 @@
   copy:
     src: files/prometheus.yaml
     dest: /etc/puppetlabs/puppet/prometheus.yaml
-    backup: yes
\ No newline at end of file
+    backup: yes
+
+- name: Ensure hiera-eyaml is installed
+  shell: "{{ which_puppetserver.stdout }} gem install hiera-eyaml"
+  args:
+    creates: /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml
+
+- name: Ensure folder for eyaml keys exists
+  file:
+    path: /etc/puppetlabs/puppet/eyaml
+    state: directory
+    owner: puppet
+    group: puppet
+    mode: 0770
+
+- name: Create eyaml keys
+  shell: eyaml createkeys
+  args:
+    chdir: /etc/puppetlabs/puppet/eyaml
+    creates: /etc/puppetlabs/puppet/eyaml/private_key.pkcs7.pem
+  remote_user: puppet
+
+- name: Get eyaml public key
+  slurp:
+    src: /etc/puppetlabs/puppet/eyaml/public_key.pkcs7.pem
+  register: eyaml_public_key
+
+- name: Show public key
+  debug:
+    msg: "EYAML public key is '{{ eyaml_public_key | b64decode }}'"