r/samba-dc: Configure logrotate for KDC

The KDC service, as managed by Samba, continuously logs to two files
that need to be rotated.  The upstream configuration for logrotate only
manages one of these files, and does not correctly signal the service
after rotating, as it expects the service to be managed by systemd
instead of Samba.  As such, we need to adjust the configuration to
handle both files and send SIGHUP directly to the process.

roles/samba-dc/files/krb5kdc.logrotate.conf

@@ -0,0 +1,9 @@
+/var/log/krb5kdc.log /var/log/samba/mit_kdc.log {
+    missingok
+    notifempty
+    monthly
+    rotate 2
+    postrotate
+        pkill -HUP krb5kdc || true
+    endscript
+}

roles/samba-dc/tasks/main.yml

@@ -117,3 +117,11 @@
     samba-tool domain exportkeytab /etc/krb5.keytab
     --principal=host/{{ ansible_fqdn }}
     creates=/etc/krb5.keytab
+
+- name: ensure logroate is configured for samba kdc
+  copy:
+    src: krb5kdc.logrotate.conf
+    dest: /etc/logrotate.d/krb5kdc
+    mode: u=rw,go=r
+  tags:
+  - logrotate