Document that passphrase is used for Borg keyfile encryption, not just repokey encryption (#373).

NEWS

@@ -1,4 +1,5 @@
 1.5.13.dev0
+ * #373: Document that passphrase is used for Borg keyfile encryption, not just repokey encryption.
  * Drop support for Python 3.5, which has been end-of-lifed.
  * Update versions of test dependencies (test_requirements.txt and test containers).
  * Only support black code formatter on Python 3.8+. New black dependencies make installation

borgmatic/config/schema.yaml

@@ -185,19 +185,19 @@ map:
                 desc: |
                     The standard output of this command is used to unlock the
                     encryption key. Only use on repositories that were
-                    initialized with passcommand/repokey encryption. Note that
-                    if both encryption_passcommand and encryption_passphrase are
-                    set, then encryption_passphrase takes precedence. Defaults
-                    to not set.
+                    initialized with passcommand/repokey/keyfile encryption. Note
+                    that if both encryption_passcommand and encryption_passphrase
+                    are set, then encryption_passphrase takes precedence.
+                    Defaults to not set.
                 example: "secret-tool lookup borg-repository repo-name"
             encryption_passphrase:
                 type: str
                 desc: |
                     Passphrase to unlock the encryption key with. Only use on
-                    repositories that were initialized with passphrase/repokey
-                    encryption. Quote the value if it contains punctuation, so
-                    it parses correctly. And backslash any quote or backslash
-                    literals as well. Defaults to not set.
+                    repositories that were initialized with
+                    passphrase/repokey/keyfile encryption. Quote the value if it
+                    contains punctuation, so it parses correctly. And backslash
+                    any quote or backslash literals as well. Defaults to not set.
                 example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
             checkpoint_interval:
                 type: int

docs/how-to/set-up-backups.md

@@ -139,8 +139,8 @@ configuration](https://torsion.org/borgmatic/docs/how-to/upgrade/#upgrading-your
 
 ### Encryption
 
-If you encrypt your Borg repository with a passphrase instead of a key file,
-you'll either need to set the borgmatic `encryption_passphrase` configuration
+If you encrypt your Borg repository with a passphrase or a key file, you'll
+either need to set the borgmatic `encryption_passphrase` configuration
 variable or set the `BORG_PASSPHRASE` environment variable. See the
 [repository encryption
 section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption)