matrix-backup-borg: fixed requiring password for unencrypted repos; changed variable name

roles/matrix-backup-borg/defaults/main.yml

@@ -41,7 +41,7 @@ matrix_backup_borg_encryption: repokey-blake2
 matrix_backup_borg_ssh_key_private: ""
 
 # allow unencrypted repo access
-matrix_backup_borg_unknown_unencrypted_access: false
+matrix_backup_borg_unknown_unencrypted_repo_access_is_ok: false
 
 # borg ssh command with ssh key
 matrix_backup_borg_storage_ssh_command: ssh -o "StrictHostKeyChecking accept-new" -i /etc/borgmatic.d/sshkey

roles/matrix-backup-borg/tasks/validate_config.yml

@@ -7,4 +7,12 @@
   with_items:
     - "matrix_backup_borg_ssh_key_private"
     - "matrix_backup_borg_location_repositories"
-    - "matrix_backup_borg_storage_encryption_passphrase"
+#    - "matrix_backup_borg_storage_encryption_passphrase"
+#      when: "matrix_backup_borg_unknown_unencrypted_repo_access_is_ok == false"
+#    - "matrix_backup_borg_storage_encryption_passphrase"
+
+- name: Fail if encryption passphrase is undefined unless repository is unencrypted
+  fail:
+    msg: >-
+      You need to define a required passphrase.
+  when: "matrix_backup_borg_storage_encryption_passphrase == '' and not matrix_backup_borg_encryption == 'none'"

roles/matrix-backup-borg/templates/config.yaml.j2

@@ -11,7 +11,7 @@ storage:
   ssh_command: {{ matrix_backup_borg_storage_ssh_command }}
   archive_name_format: '{{ matrix_backup_borg_storage_archive_name_format }}'
   encryption_passphrase: {{ matrix_backup_borg_storage_encryption_passphrase }}
-  unknown_unencrypted_repo_access_is_ok: {{ matrix_backup_borg_unknown_unencrypted_access }}
+  unknown_unencrypted_repo_access_is_ok: {{ matrix_backup_borg_unknown_unencrypted_repo_access_is_ok|to_json }}
 
 retention:
   keep_hourly: {{ matrix_backup_borg_retention_keep_hourly }}