master.pp

$hiera_datadir = "\"${settings::confdir}/environments/%{environment}/hieradata\""
$eyaml_keys = "${settings::confdir}/keys"
$eyaml_public = "${eyaml_keys}/public_key.pkcs7.pem"
$eyaml_private = "${eyaml_keys}/private_key.pkcs7.pem"

class { 'hiera::eyaml':
  confdir     => $settings::confdir,
  create_keys => false,
  before      => Class['hiera'],
}
class { 'hiera':
  datadir         => $hiera_datadir,
  eyaml_datadir   => $hiera_datadir,
  hierarchy       => [
    'node/%{clientcert}',
    'site_env/%{companyname_site}_%{companyname_env}',
    'region_env/%{companyname_region}_%{companyname_env}',
    'site/%{companyname_site}',
    'common',
  ],
  eyaml           => true,
  eyaml_extension => 'yaml',
  notify          => Service['pe-puppetserver'],
}

file { $eyaml_public:
  ensure    => file,
  owner     => 'pe-puppet',
  group     => 'pe-puppet',
  mode      => '0644',
  show_diff => false,
  content   => file($eyaml_public),
}
file { $eyaml_private:
  ensure    => file,
  owner     => 'pe-puppet',
  group     => 'pe-puppet',
  mode      => '0600',
  show_diff => false,
  content   => file($eyaml_private),
}