add hiera-eyaml

tasks/configure.yml

@@ -138,3 +138,32 @@
     src: files/prometheus.yaml
     dest: /etc/puppetlabs/puppet/prometheus.yaml
     backup: yes
+
+- name: Ensure hiera-eyaml is installed
+  shell: "{{ which_puppetserver.stdout }} gem install hiera-eyaml"
+  args:
+    creates: /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml
+
+- name: Ensure folder for eyaml keys exists
+  file:
+    path: /etc/puppetlabs/puppet/eyaml
+    state: directory
+    owner: puppet
+    group: puppet
+    mode: 0770
+
+- name: Create eyaml keys
+  shell: eyaml createkeys
+  args:
+    chdir: /etc/puppetlabs/puppet/eyaml
+    creates: /etc/puppetlabs/puppet/eyaml/private_key.pkcs7.pem
+  remote_user: puppet
+
+- name: Get eyaml public key
+  slurp:
+    src: /etc/puppetlabs/puppet/eyaml/public_key.pkcs7.pem
+  register: eyaml_public_key
+
+- name: Show public key
+  debug:
+    msg: "EYAML public key is '{{ eyaml_public_key | b64decode }}'"