Runtipi 'app update' validates required form_fields against its own
DB-tracked form state, not against app.env. Adding new required fields
to a pre-installed app blocks every update with 'Variable X is required'.
The manager binary already gracefully no-ops basic auth if either env
var is empty (logs a WARN). Drop required:true so updates pass; values
that exist in app.env keep working at runtime.